Fortinet Discovers G Data Elevation of Privileges Vulnerability
Fortinet's FortiGuard Labs has discovered an Arbitrary File Write vulnerability in G Data.
G Data is an award-winning Anti-Virus software which uses multiple scanning engines.
An Arbitrary File Write vulnerability has been discovered in G Data by FortiGuard Labs. This vulnerability exists in its file restore mechanism because the vulnerable application fails to verify if the target file is a symbolic link. It could allow malicious users to overwrite any existing file with a malicious one. It's possible to exploit it to achieve elevation of privileges.
SolutionsUsers should apply the solution provided by G Data.
Additional InformationThe issue is fixed in G Data 126.96.36.199.
Fortinet reported the vulnerability to G Data on August 24, 2020.
G Data confirmed the vulnerability on September 3, 2020.
G Data patched the vulnerability on November 2, 2020.