CVE-2024-1868

CVSS 3.0 Score 7.8 of 10 (high)

Details

Published Nov 22, 2024
CWE ID 59

Summary

CVE-2024-1868 is a local privilege escalation vulnerability affecting G DATA Total Security. This issue enables attackers to escalate privileges on targeted systems by exploiting a flaw in the G DATA Backup Service. To exploit the vulnerability, an attacker must initially gain the ability to execute low-privileged code. By creating a symbolic link, an attacker can manipulate the service and overwrite a file, eventually leading to system-level privileges and the execution of arbitrary code as SYSTEM. This vulnerability was identified as ZDI-CAN-22313 in the Zero Day Initiative.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share