nullby73

2 exploits Active since Jan 2025
CVE-2025-0542 WRITEUP HIGH WRITEUP
G DATA Management Server - Privilege Escalation
Local privilege escalation due to incorrect assignment of privileges of temporary files in the update mechanism of G DATA Management Server. This vulnerability allows a local, unprivileged attacker to escalate privileges on affected installations by placing a crafted ZIP archive in a globally writable directory, which gets unpacked in the context of SYSTEM and results in arbitrary file write.
CVSS 7.8
CVE-2025-0543 WRITEUP HIGH WRITEUP
G DATA Security Client - Privilege Escalation
Local privilege escalation in G DATA Security Client due to incorrect assignment of privileges to directories. This vulnerability allows a local, unprivileged attacker to escalate privileges on affected installations by placing an arbitrary executable in a globally writable directory resulting in execution by the SetupSVC.exe service in the context of SYSTEM.
CVSS 7.8