Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
G DATA Management Server Local privilege escalation
Vulnerability Description
Local privilege escalation due to incorrect assignment of privileges of temporary files in the update mechanism of G DATA Management Server. This vulnerability allows a local, unprivileged attacker to escalate privileges on affected installations by placing a crafted ZIP archive in a globally writable directory, which gets unpacked in the context of SYSTEM and results in arbitrary file write.
CVSS Information
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Vulnerability Type
缺省权限不正确
Vulnerability Title
G DATA Management Server 安全漏洞
Vulnerability Description
G DATA Management Server是G DATA公司的一个 G DATA Business Solutions 的管理工具。 G DATA Management Server存在安全漏洞,该漏洞源于更新机制中临时文件的权限分配不正确,导致本地权限提升,允许本地无特权攻击者通过将精心设计的ZIP存档放置提升权限。
CVSS Information
N/A
Vulnerability Type
N/A