CVE-2025-0542
CVSS 3.1 Score 7.8 of 10 (high)
Details
Summary
CVE-2025-0542 is a local privilege escalation vulnerability affecting G DATA Management Server. The issue arises due to an incorrect assignment of privileges in the update mechanism, enabling a local, unprivileged attacker to escalate privileges. By placing a specially crafted ZIP archive in a globally writable directory, an attacker can trick the server into unpacking the archive with SYSTEM privileges, resulting in arbitrary file write access. This vulnerability poses a serious threat to affected installations and demands immediate attention for appropriate mitigation measures.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.