TROYANOSYVIRUS
Zuruck zu CVEs

CVE-2025-50675

HIGH
7.8

Beschreibung

GPMAW 14, a bioinformatics software, has a critical vulnerability related to insecure file permissions in its installation directory. The directory is accessible with full read, write, and execute permissions for all users, allowing unprivileged users to manipulate files within the directory, including executable files like GPMAW3.exe, Fragment.exe, and the uninstaller GPsetup64_17028.exe. An attacker with user-level access can exploit this misconfiguration by replacing or modifying the uninstaller (GPsetup64_17028.exe) with a malicious version. While the application itself runs in the user's context, the uninstaller is typically executed with administrative privileges when an administrator attempts to uninstall the software. By exploiting this flaw, an attacker could gain administrative privileges and execute arbitrary code in the context of the admin, resulting in privilege escalation.

CVE Details

CVSS v3.1 Bewertung7.8
SchweregradHIGH
CVSS VektorCVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
AngriffsvektorLOCAL
KomplexitatLOW
Erforderliche PrivilegienLOW
BenutzerinteraktionNONE
Veroffentlicht8/7/2025
Zuletzt geandert8/8/2025
Quellenvd
Honeypot-Sichtungen0

Schwachen (CWE)

CWE-732

Referenzen

https://github.com/LukeSec/CVE-2025-50675-GPMAW-Permissions/tree/main(cve@mitre.org)
https://www.gpmaw.com/html/downloads.html(cve@mitre.org)
https://github.com/LukeSec/CVE-2025-50675-GPMAW-Permissions/tree/main(134c704f-9b21-4f2e-91b3-4a467353bcc0)

IOC Korrelationen

Keine Korrelationen erfasst

This product uses data from the NVD API but is not endorsed or certified by the NVD.