Vulnerability Details CVE-2019-9742
gdwfpcd.sys in G Data Total Security before 2019-02-22 allows an attacker to bypass ACLs because Interpreted Device Characteristics lacks FILE_DEVICE_SECURE_OPEN and therefore files and directories "inside" the \\.\gdwfpcd device are not properly protected, leading to unintended impersonation or object creation.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 42.3%
CVSS Severity
CVSS v3 Score 7.5
CVSS v2 Score 5.0
References
- https://github.com/nafiez/nafiez.github.io/blob/master/_posts/2019-03-13-gdata-total-security-acl-bypass.md
- https://nafiez.github.io/security/bypass/2019/03/12/gdata-total-security-acl-bypass.html
- https://github.com/nafiez/nafiez.github.io/blob/master/_posts/2019-03-13-gdata-total-security-acl-bypass.md
- https://nafiez.github.io/security/bypass/2019/03/12/gdata-total-security-acl-bypass.html
Products affected by CVE-2019-9742
-
cpe:2.3:a:gdata-software:total_security:-
-
cpe:2.3:a:gdata-software:total_security:25.4.0.3
-
cpe:2.3:a:gdata-software:total_security:25.5.15.21
-
cpe:2.3:a:gdata-software:total_security:25.5.17.355
-
cpe:2.3:a:gdata-software:total_security:25.5.18.333