Sap · Sap Afaria · CVE-2015-3449
**Name of the Vulnerable Software and Affected Versions**
SAP Afaria version 7.0.6398.0
**Description**
The issue concerns weak permissions set for the install folder of the Windows client in SAP Afaria, allowing local users to escalate privileges. This can be achieved by exploiting the weak permissions (Everyone: read and Everyone: write) through a Trojan horse XeService.exe file.
**Recommendations**
For SAP Afaria version 7.0.6398.0, consider restricting access to the install folder to prevent local users from exploiting the weak permissions until a fix is available. As a temporary workaround, restrict write access to the XeService.exe file to minimize the risk of exploitation.