PT-2024-15380 · Thales · Thales Safenet Sentinel Hasp Ldk
Julian Horoszkiewicz
·
Published
2024-02-27
·
Updated
2024-02-27
·
CVE-2024-0197
CVSS v3.1
7.8
High
| Vector | AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Thales SafeNet Sentinel HASP LDK versions prior to 9.16
Description
A flaw in the installer for Thales SafeNet Sentinel HASP LDK on Windows allows an attacker to escalate their privilege level via local access.
Recommendations
For versions prior to 9.16, update to version 9.16 or later to resolve the issue. As a temporary workaround, consider restricting local access to the system until a patch is applied.
Fix
Improper Privilege Management
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Thales Safenet Sentinel Hasp Ldk