CVE-2023-5993

Published: Feb 27, 2024Modified: Mar 4, 2025

7.8

Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Exploitability: 1.8 / Impact: 5.9

Source: NVD

Description

A flaw in the Windows Installer in Thales SafeNet Authentication Client prior to 10.8 R10 on Windows allows an attacker to escalate their privilege level via local access.

Affected (7)

Products: Thalesgroup: Safenet Authentication Client

Thalesgroup

1 product

Safenet Authentication Client

Configuration A

7 vulnerable · 1 platform

Vulnerable Software	Affected Versions
Thalesgroup Safenet Authentication Client	Before 10.8
Thalesgroup Safenet Authentication Client	Version 10.8
Thalesgroup Safenet Authentication Client	Version 10.8 r1
Thalesgroup Safenet Authentication Client	Version 10.8 r5
Thalesgroup Safenet Authentication Client	Version 10.8 r6
Thalesgroup Safenet Authentication Client	Version 10.8 r8
Thalesgroup Safenet Authentication Client	Version 10.8 r9

Running on/with	Platform Versions
Microsoft Windows	All versions

Related CWEs

CWE-269

Improper Privilege Management

The product does not properly assign, modify, track, or check privileges for an actor, creating an unintended sphere of control for that actor.

References (2)

https://supportportal.thalesgroup.com

Source: psirt@thalesgroup.com

Product

https://supportportal.thalesgroup.com

Source: af854a3a-2127-422b-91ae-364da2661108

Product

Timeline

No history available yet.