CVE-2021-40388

Name of the Vulnerable Software and Affected Versions Advantech SQ Manager Server version 1.0.6

Description A privilege escalation issue exists due to incorrect default permission settings, allowing an attacker to elevate privileges to NT SYSTEM authority by replacing a specially-crafted file in the system. This can be triggered by providing a malicious file.

Recommendations For Advantech SQ Manager Server version 1.0.6, consider restricting access to sensitive files and directories to prevent unauthorized modifications until a patch is available. As a temporary workaround, monitor file system changes closely to detect potential exploitation attempts. At the moment, there is no information about a newer version that contains a fix for this vulnerability.