PT-2021-17836 · Soyal Technology · Soyal Technology 701Client

Gjoko Krstic

Published

2021-04-27

Updated

2021-05-07

CVE-2021-28269

CVSS v3.1

8.8

High

Vector

AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions: Soyal Technology 701Client version 9.0.1

Description: The issue concerns insecure permissions via the client.exe binary, where the Authenticated Users group has Full permissions.

Recommendations: For Soyal Technology 701Client version 9.0.1, consider restricting the permissions of the Authenticated Users group on the client.exe binary to minimize the risk of exploitation.

Exploit

Fix

Incorrect Permission

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-732

Related Identifiers

CVE-2021-28269

Affected Products

Soyal Technology 701Client

PT-2021-17836 · Soyal Technology · Soyal Technology 701Client

CVE-2021-28269

Weakness Enumeration

Related Identifiers

Affected Products

References · 5