Several SafeNet Authentication Service Agents could allow a local attacker to escalate privileges because of weak ACLs assigned to subdirectories and executable modules of those products. A user with low privileges could modify and/or substitute executable modules, which a high-privileged user could later execute in their own security context.
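
One way to check an installation for the condition described above, as an added example (not the vendor's or the advisory author's code): a PowerShell audit that lists directories and executable modules whose ACL grants write-type rights to broad low-privileged groups. The install path is a placeholder because the advisory does not list paths, and the choice of groups, rights and file extensions is an assumption.

```powershell
# Added example: report write-type ACEs held by broad low-privileged groups.
param(
    # Placeholder: set to the agent's real install directory (not given in the advisory).
    [string]$InstallRoot = 'C:\Path\To\Agent'
)

# Well-known SIDs, so the check does not depend on localized group names.
$lowPrivSids = @(
    'S-1-1-0',       # Everyone
    'S-1-5-11',      # Authenticated Users
    'S-1-5-32-545',  # BUILTIN\Users
    'S-1-5-4'        # INTERACTIVE
)

# Rights that let a principal replace or modify a module, or rewrite its ACL/owner.
$writeMask = [int][System.Security.AccessControl.FileSystemRights]'WriteData, AppendData, Delete, DeleteSubdirectoriesAndFiles, ChangePermissions, TakeOwnership'
# Inherit-only ACEs can carry raw GENERIC_ALL (0x10000000) / GENERIC_WRITE (0x40000000) bits.
$genericWrite = 0x50000000

# The root itself, every subdirectory, and executable modules (extension list is an assumption).
$items = @(Get-Item -LiteralPath $InstallRoot) +
         @(Get-ChildItem -LiteralPath $InstallRoot -Recurse -Force -ErrorAction SilentlyContinue |
             Where-Object { $_.PSIsContainer -or $_.Extension -in '.exe', '.dll', '.sys' })

$findings = foreach ($item in $items) {
    $acl = Get-Acl -LiteralPath $item.FullName
    # Explicit and inherited ACEs, with identities returned as SIDs.
    foreach ($ace in $acl.GetAccessRules($true, $true, [System.Security.Principal.SecurityIdentifier])) {
        if ($ace.AccessControlType -ne 'Allow') { continue }
        if ($lowPrivSids -notcontains $ace.IdentityReference.Value) { continue }
        $rights = [int]$ace.FileSystemRights
        if (($rights -band $writeMask) -or ($rights -band $genericWrite)) {
            [pscustomobject]@{
                Path      = $item.FullName
                Sid       = $ace.IdentityReference.Value
                Rights    = $ace.FileSystemRights
                Inherited = $ace.IsInherited
            }
        }
    }
}

# An empty result means none of the listed groups can write to the audited items.
$findings | Sort-Object Path | Format-Table -AutoSize
```

Rows with `Inherited` set to `True` are fixed on the parent directory that defines the entry rather than on each file.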

Further detail

A PDF containing further detail has been released by the vendor.
Their own advisory can be found here: https://safenet.gemalto.com/technical-support/security-updates/.

CVE numbers

A number of CVEs have been issued for vulnerabilities associated with this issue:

  • CVE-2015-7961
  • CVE-2015-7962
  • CVE-2015-7963
  • CVE-2015-7964
  • CVE-2015-7965
  • CVE-2015-7966
  • CVE-2015-7967
  • CVE-2015-7596
  • CVE-2015-7597
  • CVE-2015-7598

Disclosure timeline

  • Vulnerability Discovered – 01/2016
  • Vendor Notified – 01/2016
  • Vendor Acknowledged Issues – 01/2016
  • Vendor created Security Bulletin with fixed issues – 25/01/2016
  • Vendor notified that advisory is now public – 31/03/2016