CVE-2021-42056

MEDIUM

Thales Safenet Authentication Client < 10.7.7 - Arbitrary File Write via Symlink Attack

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2021-42056. PoCs published by z00z00z00.

AI-analyzed exploit summary This repository documents a privilege escalation vulnerability (CVE-2021-42056) in Thales Safenet Authentication Client due to insecure file permissions (777/666) on temporary files, allowing symlink attacks to overwrite system files or escalate privileges to root.

Description

Thales Safenet Authentication Client (SAC) for Linux and Windows through 10.7.7 creates insecure temporary hid and lock files allowing a local attacker, through a symlink attack, to overwrite arbitrary files, and potentially achieve arbitrary command execution with high privileges.

Exploits (1)

nomisec WRITEUP
by z00z00z00 · poc
https://github.com/z00z00z00/Safenet_SAC_CVE-2021-42056

This repository documents a privilege escalation vulnerability (CVE-2021-42056) in Thales Safenet Authentication Client due to insecure file permissions (777/666) on temporary files, allowing symlink attacks to overwrite system files or escalate privileges to root.

Classification
Writeup 100%
Attack Type
Lpe
Complexity
Moderate
Reliability
Reliable
Target: Thales Safenet Authentication Client (versions up to 22.3)
No auth needed
Prerequisites: Local access to the system · Safenet Authentication Client installed and running
mistral-large-3 · analyzed Feb 16, 2026 Full analysis →

References (1)

Core 1
Core References
Exploit, Third Party Advisory x_refsource_misc
https://github.com/z00z00z00/Safenet_SAC_CVE-2021-42056

Scores

CVSS v3 6.7
EPSS 0.0102
EPSS Percentile 59.6%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Details

CWE
CWE-59
Status published
Products (1)
thalesgroup/safenet_authentication_client < 10.7.7
Published Jun 24, 2022
Tracked Since Feb 18, 2026