CVE-2021-42056

Name of the Vulnerable Software and Affected Versions Thales Safenet Authentication Client (SAC) for Linux and Windows versions through 10.7.7

Description The issue allows a local attacker to create insecure temporary hid and lock files, potentially leading to arbitrary file overwriting and command execution with high privileges through a symlink attack.

Recommendations For versions through 10.7.7, consider restricting access to temporary files and directories to minimize the risk of exploitation until a patch is available. As a temporary workaround, avoid using the affected Thales Safenet Authentication Client (SAC) for sensitive operations until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.