CVE-2025-0543 Information

Description

Local privilege escalation in G DATA Security Client due to incorrect assignment of privileges to directories. This vulnerability allows a local unprivileged attacker to escalate privileges on affected installations by placing an arbitrary executable in a globally writable directory resulting in execution by the SetupSVC.exe service in the context of SYSTEM.

Reference

https://github.com/nullby73/security-advisories/tree/main/CVE-2025-0543