CVE-2023-38641

Name of the Vulnerable Software and Affected Versions SICAM TOOLBOX II versions prior to V07.10

Description A vulnerability has been identified in the SICAM TOOLBOX II application, where the database service is executed as NT AUTHORITYSYSTEM. This could allow a local attacker to execute operating system commands with elevated privileges. The issue is related to access control errors, which may enable an attacker to execute arbitrary commands with increased privileges.

Recommendations For versions prior to V07.10, update to version V07.10 or later to resolve the issue. As a temporary workaround, consider restricting access to the database service to minimize the risk of exploitation.