Several SafeNet Authentication Service Agents could allow a local attacker to escalate privileges because of weak ACLs assigned to subdirectories and executable modules of those products. A low-privileged user could modify or substitute executable modules that a high-privileged user later executes in their own security context.
A PDF containing further detail has been released by the vendor.
Their own advisory can be found here: https://safenet.gemalto.com/technical-support/security-updates/.
A number of CVEs have been issued for vulnerabilities associated with this:
- Vulnerability Discovered – 01/2016
- Vendor Notified – 01/2016
- Vendor Acknowledged Issues – 01/2016
- Vendor created Security Bulletin with fixed issues – 25/01/2016
- Vendor notified that advisory is now public – 31/03/2016
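
To check an installation for the kind of weak ACL described above, the following PowerShell audit lists directories and executable modules that broad, low-privileged groups can modify. It is an added example, not code from the vendor or this advisory. `$InstallRoot` is a placeholder for the agent's install directory (not given on this page), and the group list and rights mask are assumptions about what counts as "weak".

```powershell
# Added example: audit an install tree for ACEs that let low-privileged
# principals alter directories or executable modules.
param(
    # Placeholder: the agent's install directory (not stated in the advisory).
    [Parameter(Mandatory = $true)]
    [string]$InstallRoot
)

# Well-known SIDs of broad groups (assumed definition of "low privileged").
$lowPriv = @{
    'S-1-1-0'      = 'Everyone'
    'S-1-5-11'     = 'Authenticated Users'
    'S-1-5-4'      = 'INTERACTIVE'
    'S-1-5-32-545' = 'BUILTIN\Users'
}

# Rights that permit replacing a module or planting a file in a directory.
# Modify and FullControl contain these bits; GENERIC_WRITE (0x40000000) and
# GENERIC_ALL (0x10000000) can appear unmapped on inheritable ACEs.
$fsr = [System.Security.AccessControl.FileSystemRights]
$writeMask = [int]($fsr'WriteData, AppendData, Delete, DeleteSubdirectoriesAndFiles, ChangePermissions, TakeOwnership') `
    -bor 0x40000000 -bor 0x10000000

# The root itself, every subdirectory, and every executable module below it.
$items = @(Get-Item -LiteralPath $InstallRoot) +
    @(Get-ChildItem -LiteralPath $InstallRoot -Recurse -Force -ErrorAction SilentlyContinue |
        Where-Object { $_.PSIsContainer -or $_.Extension -in '.exe', '.dll', '.sys' })

$findings = foreach ($item in $items) {
    $acl = Get-Acl -LiteralPath $item.FullName
    # Ask for SIDs rather than names so matching works on any OS language.
    $sidType = [System.Security.Principal.SecurityIdentifier]
    foreach ($ace in $acl.GetAccessRules($true, $true, $sidType)) {
        if ($ace.AccessControlType -ne 'Allow') { continue }
        $sid = $ace.IdentityReference.Value
        if (-not $lowPriv.ContainsKey($sid)) { continue }
        if (([int]$ace.FileSystemRights -band $writeMask) -eq 0) { continue }
        [pscustomobject]@{
            Path      = $item.FullName
            Principal = $lowPriv[$sid]
            Rights    = $ace.FileSystemRights
            Inherited = $ace.IsInherited
        }
    }
}

$findings | Format-Table -AutoSize -Wrap
```

An empty result means none of the listed groups hold write-type rights on the scanned objects. An inherited finding should be fixed on the parent directory that defines the ACE.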