CVE-2021-22682

Name of the Vulnerable Software and Affected Versions Cscape versions prior to 9.90 SP4

Description The issue is related to inadequate access control in the Cscape software. Exploitation of this issue may allow an attacker to elevate their privileges. The software is configured by default to be installed for all users, granting full permissions, including read/write access. This configuration may enable unprivileged users to modify binaries and configuration files, potentially leading to local privilege escalation.

Recommendations For versions prior to 9.90 SP4, update to version 9.90 SP4 or later to resolve the issue. As a temporary workaround, consider restricting access to the Cscape installation directory to minimize the risk of exploitation.