CVE-2024-1868
CVSS 3.0 Score 7.8 of 10 (high)
Details
Summary
CVE-2024-1868 is a local privilege escalation vulnerability affecting G DATA Total Security. This issue enables attackers to escalate privileges on targeted systems by exploiting a flaw in the G DATA Backup Service. To exploit the vulnerability, an attacker must initially gain the ability to execute low-privileged code. By creating a symbolic link, an attacker can manipulate the service and overwrite a file, eventually leading to system-level privileges and the execution of arbitrary code as SYSTEM. This vulnerability was identified as ZDI-CAN-22313 in the Zero Day Initiative.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.