CVE-2024-29119

Name of the Vulnerable Software and Affected Versions Spectrum Power 7 versions prior to V24Q3

Description A vulnerability has been identified in the affected product, which contains several root-owned SUID binaries. This could allow an authenticated local attacker to escalate privileges. The issue is related to the incorrect assignment of privileges through the execution of SUID binaries.

Recommendations For versions prior to V24Q3, consider restricting access to the root-owned SUID binaries as a temporary workaround until a patch is available. Additionally, review and adjust the privileges assigned to these binaries to prevent potential exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.