CVE-2024-0197

HIGH

Thalesgroup Sentinel Hasp Ldk < 9.16 - Improper Privilege Management

Title source: rule

Description

A flaw in the installer for Thales SafeNet Sentinel HASP LDK prior to 9.16 on Windows allows an attacker to escalate their privilege level via local access.

Exploits (1)

nomisec WORKING POC 3 stars

by ewilded · poc

https://github.com/ewilded/CVE-2024-0197-POC

View Code ZIP pw:eip

References (1)

[Product] https://supportportal.thalesgroup.com

Scores

CVSS v3 7.8

EPSS 0.0155

EPSS Percentile 81.5%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact total

Details

CWE

CWE-269

Status published

Products (1)

thalesgroup/sentinel_hasp_ldk < 9.16

Published Feb 27, 2024

Tracked Since Feb 18, 2026