CVE-2025-0542
Published: 25 January 2025
Description
Local privilege escalation due to incorrect assignment of privileges of temporary files in the update mechanism of G DATA Management Server. This vulnerability allows a local, unprivileged attacker to escalate privileges on affected installations by placing a crafted ZIP archive in a globally writable directory, which gets unpacked in the context of SYSTEM and results in arbitrary file write.
Security Summary
CVE-2025-0542 is a local privilege escalation vulnerability in the update mechanism of G DATA Management Server, stemming from incorrect assignment of privileges to temporary files. This flaw, associated with CWE-22 (path traversal) and CWE-276 (incorrect default permissions), carries a CVSS v3.1 base score of 7.8 (AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H). It affects installations of G DATA Management Server where the update process mishandles temporary files, enabling exploitation through manipulated archives.
A local, unprivileged attacker can exploit this vulnerability by placing a crafted ZIP archive in a globally writable directory. When the update mechanism processes this archive, it unpacks the contents in the context of the SYSTEM privilege level, resulting in arbitrary file write capabilities. This allows the attacker to escalate privileges on the affected system, potentially overwriting critical files to gain higher-level access.
For mitigation details, refer to the security advisory at https://github.com/nullby73/security-advisories/tree/main/CVE-2025-0542, which provides further guidance on patches or workarounds for G DATA Management Server installations.
Details
- CWE(s)