The Windows client in SAP Afaria 7.0.6398.0 uses weak permissions (Everyone: read and Everyone: write) for the install folder, which allows local users to gain privileges via a Trojan horse XeService.exe file.
CPE | Name | Operator | Version |
---|---|---|---|
afaria | eq | 7.0.6398.0 |