CVE-2022-38176

Name of the Vulnerable Software and Affected Versions YSoft SAFEQ versions prior to 6.0.72

Description An issue in YSoft SAFEQ allows for local user privilege escalation. This is due to incorrect privileges configured as part of the installer package for the Client V3 services, enabling an attacker to overwrite the executable file via an alternative data stream.

Recommendations For versions prior to 6.0.72, update to version 6.0.72 or later to resolve the issue. As a temporary workaround, consider restricting access to the Client V3 services to minimize the risk of exploitation.