CVE-2025-50675

Name of the Vulnerable Software and Affected Versions GPMAW 14 (affected versions not specified)

Description GPMAW 14, a bioinformatics software, exhibits a critical issue stemming from insecure file permissions within its installation directory. The directory allows all users full read, write, and execute permissions, enabling manipulation of files, including executables such as GPMAW3.exe, Fragment.exe, and the uninstaller GPsetup64 17028.exe. An attacker with user-level access can replace or modify the uninstaller with a malicious version. Because the uninstaller is executed with administrative privileges, this could lead to privilege escalation and arbitrary code execution in the context of an administrator.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.