CVE-2025-0543
Published: 25 January 2025
Description
Local privilege escalation in G DATA Security Client due to incorrect assignment of privileges to directories. This vulnerability allows a local, unprivileged attacker to escalate privileges on affected installations by placing an arbitrary executable in a globally writable directory resulting in execution by the SetupSVC.exe service in the context of SYSTEM.
Security Summary
CVE-2025-0543 is a local privilege escalation vulnerability in G DATA Security Client, stemming from incorrect assignment of privileges to directories (CWE-276). The issue affects installations where a globally writable directory allows unprivileged users to place arbitrary executables that are subsequently executed by the SetupSVC.exe service in the context of SYSTEM. The vulnerability has a CVSS v3.1 base score of 7.8 (AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H), indicating high severity, with low attack complexity and low privileges required.
A local, unprivileged attacker can exploit this vulnerability by placing a malicious executable in the globally writable directory. When the SetupSVC.exe service, running as SYSTEM, executes that file, the attacker's code runs with SYSTEM privileges, with high impact on confidentiality, integrity, and availability.
For mitigation details, refer to the security advisory at https://github.com/nullby73/security-advisories/tree/main/CVE-2025-0543.
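To check a host for the CWE-276 condition described above, the following added example (not code from the advisory or from G DATA) lists directory ACEs that let broad, unprivileged groups create files. The function name `Get-WeakDirectoryAce` and the path are placeholders, since this page does not name the affected directory.

```powershell
# Added example: flag Allow ACEs that let unprivileged groups write into a directory.
# It reports individual ACEs only; it does not compute effective access (Deny ACEs are ignored).
function Get-WeakDirectoryAce {
    [CmdletBinding()]
    param([Parameter(Mandatory, ValueFromPipeline)][string]$Path)
    begin {
        # Well-known SIDs of broad, unprivileged principals.
        $broadSids = @(
            'S-1-1-0',       # Everyone
            'S-1-5-11',      # Authenticated Users
            'S-1-5-32-545',  # BUILTIN\Users
            'S-1-5-4'        # INTERACTIVE
        )
        $fsr = [System.Security.AccessControl.FileSystemRights]
        # Rights that allow planting a file or rewriting the ACL. Modify and
        # FullControl contain these bits, so they match as well.
        $mask = [int]($fsr::CreateFiles -bor $fsr::AppendData -bor
                      $fsr::ChangePermissions -bor $fsr::TakeOwnership)
        # Inherit-only ACEs can carry unmapped generic rights:
        # GENERIC_WRITE (0x40000000) and GENERIC_ALL (0x10000000).
        $mask = $mask -bor 0x40000000 -bor 0x10000000
    }
    process {
        $acl = Get-Acl -LiteralPath $Path
        # Request SIDs rather than names so matching is locale-independent.
        $rules = $acl.GetAccessRules($true, $true,
            [System.Security.Principal.SecurityIdentifier])
        foreach ($ace in $rules) {
            if ($ace.AccessControlType -ne 'Allow') { continue }
            if ($broadSids -notcontains $ace.IdentityReference.Value) { continue }
            if (([int]$ace.FileSystemRights -band $mask) -eq 0) { continue }
            [pscustomobject]@{
                Path      = $Path
                Sid       = $ace.IdentityReference.Value
                Rights    = $ace.FileSystemRights
                Inherited = $ace.IsInherited
            }
        }
    }
}

# Placeholder path (assumption): substitute the directory the service executes files from.
$target = 'C:\Path\To\ServiceDirectory'
@($target) + @(Get-ChildItem -LiteralPath $target -Directory -Recurse `
        -ErrorAction SilentlyContinue | ForEach-Object FullName) |
    Get-WeakDirectoryAce | Format-Table -AutoSize
```

Any row returned for a directory that a SYSTEM service executes files from indicates the same class of misconfiguration as this CVE.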
Details
- CWE(s)