CVE-2022-0997

Name of the Vulnerable Software and Affected Versions Fidelis Network and Deception versions prior to 9.4.5

Description The issue is related to improper file permissions in certain components, allowing an attacker with local administrative access to modify script files. This could result in arbitrary commands being executed as root upon subsequent logon by a root user.

Recommendations For versions prior to 9.4.5, update to version 9.4.5 or later to address the issue. As a temporary workaround, consider restricting access to the affected script files to prevent modification until a patch is applied.