CVE-2024-1867

CVSS 3.0 Score 7.8 of 10 (high)

Details

Published Nov 22, 2024
CWE ID 59

Summary

CVE-2024-1867 is a privilege escalation vulnerability in G DATA Total Security. This issue allows local attackers to gain SYSTEM-level privileges by exploiting a flaw in the G DATA Backup Service. The vulnerability can be triggered by creating a symbolic link, which enables an attacker to delete a file and escalate privileges. To exploit this vulnerability, an attacker must initially have the ability to execute low-privileged code on the target system. This vulnerability, identified as ZDI-CAN-22312, poses a significant risk to affected installations of G DATA Total Security.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share