5 matches found
CVE-2024-1868
CVE-2024-1868 affects G DATA Total Security, specifically the G DATA Backup Service . The root cause is a symbolic link abuse in the backup service that allows a local attacker to overwrite a file, enabling privilege escalation to SYSTEM after gaining low-privilege code execution. Impact describe...
CVE-2023-27347
CVE-2023-27347 affects G Data Total Security, specifically the Backup Service. The flaw allows local attackers who can execute low-privileged code to leverage a symbolic link in the Backup Service to create arbitrary files, enabling privilege escalation to the SYSTEM context. The vulnerability is...
CVE-2024-1867
CVE-2024-1867 affects G DATA Total Security, targeting the G DATA Backup Service. The vulnerability arises from the ability to create a symbolic link in the Backup Service, which can be abused to delete a file and escalate privileges to SYSTEM by exploiting local code execution with low privilege...
CVE-2024-30377
CVE-2024-30377 affects G DATA Total Security. The vulnerability lies in the G DATA AntiVirus Scan Server: by abusing symbolic links, a local attacker can delete arbitrary files and escalate privileges to SYSTEM, potentially executing arbitrary code. Public documents cite ZDI as the advisory sourc...
CVE-2019-9742
CVE-2019-9742 affects G Data Software Total Security prior to 2019-02-22, via the driver gdwfpcd.sys. The vulnerability stems from Interpreted Device Characteristics lacking FILE_DEVICE_SECURE_OPEN, allowing an attacker to bypass ACLs and access files/directories inside the \.\gdwfpcd device, ena...