ГлавнаяУязвимости → CVE-2025-0542
7.8высокая

CVE-2025-0542

→ есть в БДУ: BDU:2025-16241 (на русском)
Описание (на английском; русское — в БДУ выше)

Local privilege escalation due to incorrect assignment of privileges of temporary files in the update mechanism of G DATA Management Server. This vulnerability allows a local, unprivileged attacker to escalate privileges on affected installations by placing a crafted ZIP archive in a globally writable directory, which gets unpacked in the context of SYSTEM and results in arbitrary file write.

CVSS
Балл7.8 — высокая
ВекторCVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Источники
https://github.com/nullby73/security-advisories/tree/main/CVE-2025-0542