CVE-2023-5993: 
SafeNet Authentication Client vulnerability analysis and mitigation

A privilege escalation vulnerability (CVE-2023-5993) was discovered in the Windows Installer component of Thales SafeNet Authentication Client versions prior to 10.8 R10 on Windows systems. The vulnerability was disclosed on February 27, 2024, and allows an attacker with local access to escalate their privilege level (NVD).

The vulnerability has been assigned a CVSS v3.1 base score of 7.8 (HIGH) with the following vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H. The vulnerability is classified under CWE-269 (Improper Privilege Management). The attack requires local access and user interaction, but no privileges are needed to execute the attack (NVD).

If successfully exploited, this vulnerability allows an attacker to elevate their privileges on the affected Windows system, potentially gaining high-level access to confidential data, system resources, and the ability to make system changes (NVD).

The recommended mitigation is to upgrade Thales SafeNet Authentication Client to version 10.8 R10 or later. Users and administrators of affected systems should apply this update as soon as possible to address the vulnerability (NVD, Thales Support).