Several SafeNet Authentication Service Agents could allow a local attacker to escalate privileges because of weak ACLs assigned to subdirectories and executable modules of those products. A user with low privileges could modify or replace executable modules that a higher-privileged user later executes in their own security context.
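One way to check an installation for the condition described above, as an added example that is not part of the vendor's or the reporter's material. The `InstallRoot` parameter and the set of principals treated as low-privileged are assumptions; the agents' install paths are not given here, so the path must be supplied.

```powershell
# Added example: list files and folders under an install directory whose ACL
# grants write-type access to broad, low-privileged groups.
param(
    # Assumption: the caller supplies the agent's install directory.
    [Parameter(Mandatory)][string]$InstallRoot
)

# Well-known SIDs (locale-independent) treated here as low-privileged principals.
$lowPriv = @{
    'S-1-1-0'      = 'Everyone'
    'S-1-5-11'     = 'Authenticated Users'
    'S-1-5-32-545' = 'BUILTIN\Users'
    'S-1-5-4'      = 'INTERACTIVE'
}

# Rights that allow a module to be altered or replaced, or its ACL/owner changed.
$specific = [int][System.Security.AccessControl.FileSystemRights]'WriteData, AppendData, Delete, DeleteSubdirectoriesAndFiles, ChangePermissions, TakeOwnership'
# GENERIC_WRITE (0x40000000) and GENERIC_ALL (0x10000000) can appear unmapped in ACEs.
$writeMask = $specific -bor 0x40000000 -bor 0x10000000

$items = @(Get-Item -LiteralPath $InstallRoot) +
         @(Get-ChildItem -LiteralPath $InstallRoot -Recurse -Force -ErrorAction SilentlyContinue)

foreach ($item in $items) {
    $acl = Get-Acl -LiteralPath $item.FullName
    # Ask for explicit and inherited rules with identities expressed as SIDs.
    $rules = $acl.GetAccessRules($true, $true, [System.Security.Principal.SecurityIdentifier])
    foreach ($rule in $rules) {
        $sid = $rule.IdentityReference.Value
        if ($rule.AccessControlType -ne 'Allow' -or -not $lowPriv.ContainsKey($sid)) { continue }
        # Inherit-only ACEs do not apply to this object; children are checked on their own.
        if ($rule.PropagationFlags -band [System.Security.AccessControl.PropagationFlags]::InheritOnly) { continue }
        if (([int]$rule.FileSystemRights) -band $writeMask) {
            [pscustomobject]@{
                Path      = $item.FullName
                Principal = $lowPriv[$sid]
                Rights    = $rule.FileSystemRights
                Inherited = $rule.IsInherited
            }
        }
    }
}
# Note: Deny ACEs are not evaluated, so a reported entry may still be blocked in practice.
```

Run it with an account that can read every ACL under the directory; an empty result means none of the listed groups holds write-type access there.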
Further detail
A PDF containing further detail has been released by the vendor.
Their own advisory can be found here: https://safenet.gemalto.com/technical-support/security-updates/.
CVE numbers
A number of CVEs have been issued for vulnerabilities associated with this:
- CVE-2015-7961
- CVE-2015-7962
- CVE-2015-7963
- CVE-2015-7964
- CVE-2015-7965
- CVE-2015-7966
- CVE-2015-7967
- CVE-2015-7596
- CVE-2015-7597
- CVE-2015-7598
Disclosure timeline
- Vulnerability Discovered – 01/2016
- Vendor Notified – 01/2016
- Vendor Acknowledged Issues – 01/2016
- Vendor created Security Bulletin with fixed issues – 25/01/2016
- Vendor notified that advisory is now public – 31/03/2016