PT-2023-18789 · Unknown · Shibboleth Service Provider

Published: 2023-01-11 · Updated: 2025-04-07 · CVE-2023-22947

CVSS v3.1: 7.3 (High) · Vector: AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions: Shibboleth Service Provider (SP) versions prior to 3.4.1

Description: The issue concerns insecure folder permissions in the Windows installation path of Shibboleth Service Provider (SP). This allows an unprivileged local attacker to escalate privileges to SYSTEM via DLL planting in the service executable's folder. The vulnerability occurs because the installation goes under C:\opt by default, rather than C:\Program Files. The vendor disputes the significance of this report, stating that the ACLs are considered a best effort thing and it was a documentation mistake.

Recommendations: For versions prior to 3.4.1, update to version 3.4.1 or later to resolve the issue. As a temporary workaround, consider restricting access to the vulnerable folder to minimize the risk of exploitation.
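Added example, not part of the advisory and not Shibboleth's own tooling: a PowerShell audit of the SP install tree for ACL entries that let low-privileged principals create or replace files, which is the condition the description names and the folder the workaround says to restrict. The C:\opt root is taken from the advisory's statement of the default install location; the exact subfolder holding the service executable is an assumption, so point $InstallRoot at the real one.

```powershell
# Audit folder ACLs under the Shibboleth SP install root for write access
# granted to principals every local user belongs to. Added example; the
# default root comes from the advisory, the subfolder layout is assumed.
param(
    [string]$InstallRoot = 'C:\opt'
)

# Principals that any local user is a member of; write access here is the issue.
$LowPrivPrincipals = @(
    'Everyone',
    'BUILTIN\Users',
    'NT AUTHORITY\Authenticated Users',
    'NT AUTHORITY\INTERACTIVE'
)

# Bits that allow placing, replacing or re-permissioning files in a folder.
# Write, Modify and FullControl all include CreateFiles, so they are caught too.
$RightsOfConcern = [System.Security.AccessControl.FileSystemRights]'CreateFiles, CreateDirectories, Delete, DeleteSubdirectoriesAndFiles, ChangePermissions, TakeOwnership'

# Inherited ACEs sometimes carry generic rights, shown as raw integers.
$GenericWrite = 0x40000000
$GenericAll   = 0x10000000

# The root itself plus every subfolder; the service executable's folder is
# the one that matters, but a writable parent is just as much of a problem.
$folders = @(Get-Item -Path $InstallRoot; Get-ChildItem -Path $InstallRoot -Directory -Recurse)

$findings = foreach ($dir in $folders) {
    $acl = Get-Acl -Path $dir.FullName
    foreach ($ace in $acl.Access) {
        if ($ace.AccessControlType -ne 'Allow') { continue }
        if ($LowPrivPrincipals -notcontains $ace.IdentityReference.Value) { continue }
        $rights = [int]$ace.FileSystemRights
        $writable = (($rights -band [int]$RightsOfConcern) -ne 0) -or
                    (($rights -band $GenericWrite) -ne 0) -or
                    (($rights -band $GenericAll) -ne 0)
        if ($writable) {
            [pscustomobject]@{
                Folder    = $dir.FullName
                Principal = $ace.IdentityReference.Value
                Rights    = $ace.FileSystemRights
                Inherited = $ace.IsInherited
            }
        }
    }
}

if ($findings) {
    $findings | Format-Table -AutoSize
    Write-Warning "Low-privileged principals can write into $(@($findings).Count) ACE(s) under $InstallRoot; restrict these before relying on the workaround."
} else {
    Write-Host "No low-privileged write access found under $InstallRoot."
}
```

Run it from an elevated prompt so Get-Acl can read every folder; a clean result on the folder holding the service binaries is what the interim workaround is meant to achieve.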

Weakness Enumeration: Uncontrolled Search Path Element

Related Identifiers: CVE-2023-22947

Affected Products: Shibboleth Service Provider