CVE-2020-27172

Name of the Vulnerable Software and Affected Versions G-Data versions prior to 25.5.9.25

Description The issue is related to the infected-file restore mechanism in G-Data, which can be abused using symbolic links to achieve arbitrary write, leading to elevation of privileges. This can be exploited by an attacker to gain higher privileges. The vulnerability is associated with incorrect link resolution before file access.

Recommendations For versions prior to 25.5.9.25, update to version 25.5.9.25 or later to resolve the issue. As a temporary workaround, consider restricting access to the infected-file restore mechanism until a patch is applied.