PT-2023-4720 · Unknown · SICAM TOOLBOX II

Published: 2023-08-08 · Updated: 2023-08-15 · CVE-2022-39062

CVSS v3.1: 7.8 (High)

Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions

SICAM TOOLBOX II versions prior to V07.10

Description

A vulnerability has been identified in SICAM TOOLBOX II where affected applications do not properly set permissions for product folders. This could allow an authenticated attacker with low privileges to replace DLLs and conduct a privilege escalation. The issue is related to the improper assignment of permissions for a critical resource, which could allow a remote attacker to access confidential data and elevate their privileges.

Recommendations

For versions prior to V07.10, update to version V07.10 or later to resolve the issue. As a temporary workaround, consider restricting access to the product folders to prevent unauthorized modifications. Additionally, monitor system activity for suspicious behavior and restrict privileges to the lowest level necessary for authenticated users.

Fix

Incorrect Permission

Weakness Enumeration

Related Identifiers

BDU:2023-05146
CVE-2022-39062

Affected Products

SICAM TOOLBOX II