CVE-2024-1867
CVSS 3.0 Score 7.8 of 10 (high)
Details
Summary
CVE-2024-1867 is a privilege escalation vulnerability in G DATA Total Security. This issue allows local attackers to gain SYSTEM-level privileges by exploiting a flaw in the G DATA Backup Service. The vulnerability can be triggered by creating a symbolic link, which enables an attacker to delete a file and escalate privileges. To exploit this vulnerability, an attacker must initially have the ability to execute low-privileged code on the target system. This vulnerability, identified as ZDI-CAN-22312, poses a significant risk to affected installations of G DATA Total Security.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.