KBI 311853 Potential Security Issue Where Argent AT Shares Are Accessible For Everyone By Default


Argent Advanced Technology – All Versions


Wednesday, 5 August 2020


The Argent AT setup program configures product shares for each installed product

The shares are mapped to the product’s home directory

For example, the share “ArgentGuardianUltra” is configured for Argent Guardian Ultra and mapped to X:\Argent\ArgentGuardianUltra

The shares are used for communication in the following scenarios:

  1. Argent Non-Stop motors exchange runtime information by reading from other motors’ shares
  2. The Client GUI reads startup information from the product shares on the server

By default, these shares are accessible by everyone

This could be a potential security issue in some network environments

For users who only install the central Argent AT Engine and do not use the client GUI, these shares can be safely removed

For users who use Argent Non-Stop Monitor and/or the Client GUI, the security can be tightened by making the shares only accessible by the Argent AT service account and whoever uses the GUI

Technical Background