Local Privilege Escalation Vulnerability in Atos Eviden CardOS API

CVE-2023-41099

What is CVE-2023-41099?

A vulnerability exists in the Windows installer of Atos Eviden CardOS API that permits local privilege escalation. This flaw allows a regular user to gain elevated permissions, enabling them to operate with SYSTEM privileges. Such escalation can lead to unauthorized access and control over system functions, which poses significant risks to system integrity and data confidentiality. Users of Atos Eviden CardOS API prior to version 5.5.5.2811 are advised to apply the necessary updates to mitigate potential threats associated with this vulnerability.

References