CVSS: 7.2EPSS: 0%CPEs: 2EXPL: 0CVE-2021-42808 – The Sentinel Protection Installer 7.7.0 creates files and directory with all privileges granting any user full permissions.
https://notcve.org/view.php?id=CVE-2021-42808
Improper Access Control in Thales Sentinel Protection Installer could allow a local user to escalate privileges. Un Control de Acceso Inapropiado en Thales Sentinel Protection Installer podría permitir a un usuario local escalar privilegios • https://cpl.thalesgroup.com/fr/software-monetization/security-updates • CWE-284: Improper Access Control •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2021-42809 – The Sentinel Protection Installer 7.7.0 does not properly restrict loading Dynamic Link Library
https://notcve.org/view.php?id=CVE-2021-42809
Improper Access Control of Dynamically-Managed Code Resources (DLL) in Thales Sentinel Protection Installer could allow the execution of arbitrary code. Un Control de Acceso Inapropiado de los Recursos de Código Administrados Dinámicamente (DLL) en Thales Sentinel Protection Installer podría permitir una ejecución de código arbitrario • https://cpl.thalesgroup.com/fr/software-monetization/security-updates • CWE-913: Improper Control of Dynamically-Managed Code Resources •