OTPulse
FeedAboutContact

Thales DIS SafeNet Sentinel LDK License Manager Runtime

Plan Patch7.3ICS-CERT ICSA-19-339-01Dec 5, 2019
Attack VectorLocal
Auth RequiredLow
ComplexityLow
User InteractionNone needed
Summary

SafeNet Sentinel LDK License Manager (all versions before 7.101 on Microsoft Windows) is vulnerable to privilege escalation. A local attacker with user-level credentials could exploit a path traversal flaw to escalate privileges to system level. The vulnerability affects Windows versions only and is not remotely exploitable.

What this means
What could happen
A local attacker with user-level credentials could escalate privileges on a Windows system running SafeNet Sentinel LDK License Manager, potentially gaining administrative access to the license management system and any connected industrial processes that rely on it.
Who's at risk
Organizations using SafeNet Sentinel LDK License Manager on Windows servers to manage software licensing for industrial control systems, SCADA platforms, or engineering workstations. This affects any facility that relies on Thales license management for critical software components.
How it could be exploited
An attacker with a user account on the Windows system running SafeNet Sentinel LDK License Manager could exploit a path traversal or privilege escalation flaw (CWE-59) to bypass security controls and elevate their privileges to system or administrator level. This requires local access to the affected machine; it cannot be exploited remotely.
Prerequisites
  • Local user account on the Windows system running SafeNet Sentinel LDK License Manager
  • Version prior to 7.101
local access requiredprivilege escalationaffects license manager (potential single point of control)no public exploits knownpatch available from vendor
Exploitability
Low exploit probability (EPSS 0.3%)
Affected products (1)
ProductAffected VersionsFix Status
SafeNet Sentinel LDK License Manager: all< 7.101 (only Microsoft Windows versions are affected)7.101 or later
Remediation & Mitigation
0/3
Schedule — requires maintenance window
0/1

Patching may require device reboot — plan for process interruption

HOTFIXUpgrade SafeNet Sentinel LDK License Manager to version 7.101 or later on all affected Windows systems
Long-term hardening
0/2
HARDENINGApply the principle of least privilege: restrict user accounts to only the permissions and system access they actually need for their role
HARDENINGMonitor and control which user accounts have local access to systems running SafeNet Sentinel LDK License Manager; disable or remove unnecessary user accounts
View full CISA ICS-CERT advisory
↑↓ Navigate · Esc Close
API: /api/v1/advisories/71a6ed88-d2cd-43af-9781-c144cc019d8f