CVE-2025-50675
BaseFortify
Publication date: 2025-08-07
Last updated on: 2025-08-08
Assigner: MITRE
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| lighthouse_data | gpmaw | 14.2 |
Exploitability
| CWE ID | Description |
|---|---|
| CWE-732 | The product specifies permissions for a security-critical resource in a way that allows that resource to be read or modified by unintended actors. |
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability in GPMAW 14 involves insecure file permissions in its installation directory, which are set to allow all users full read, write, and execute access. This means any user can modify important files, including executables and the uninstaller. An attacker with normal user access can replace the uninstaller with a malicious version. Since the uninstaller runs with administrative privileges during uninstall, this allows the attacker to execute arbitrary code with admin rights, leading to privilege escalation.
How can this vulnerability impact me?
This vulnerability can allow an attacker with regular user access to gain administrative privileges on the affected system by exploiting the insecure permissions to replace the uninstaller with malicious code. This privilege escalation can lead to unauthorized control over the system, potentially compromising system integrity, confidentiality, and availability.
How can this vulnerability be detected on my network or system? Can you suggest some commands?
You can detect this vulnerability by checking the permissions of the GPMAW installation directory and its files. Specifically, verify whether the directory and files like GPMAW3.exe, Fragment.exe, and GPsetup64_17028.exe have overly permissive read, write, and execute permissions for all users. On a Windows system, you can use commands like 'icacls' to view permissions. For example, run 'icacls "C:\Path\To\GPMAW" /T' to list the permissions of the installation directory and its contents (the /T switch makes icacls recurse into the directory). Look for permissions that allow 'Everyone' or 'Users' full control or modify rights, which indicate the vulnerability.
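The same check as a script, for auditing many hosts: this is an added example, not code from the advisory or the vendor. It assumes the placeholder path above and a chosen set of well-known SIDs (matched by SID so the check works on non-English Windows), and it also catches ACEs that Get-Acl reports as raw generic access bits.

```powershell
# Added example: list ACEs that let broad groups modify files under a directory.
param(
    # Placeholder path from the page; set to the real GPMAW install directory.
    [string]$InstallDir = 'C:\Path\To\GPMAW'
)

# Well-known SIDs for principals that every local user is a member of (assumed set).
$broadSids = @{
    'S-1-1-0'      = 'Everyone'
    'S-1-5-11'     = 'Authenticated Users'
    'S-1-5-32-545' = 'BUILTIN\Users'
    'S-1-5-4'      = 'INTERACTIVE'
}

# Rights that allow replacing or altering a file, or re-permissioning it.
$fsr = [System.Security.AccessControl.FileSystemRights]
$writeMask = [int]($fsr::WriteData -bor $fsr::AppendData -bor $fsr::Delete -bor
                   $fsr::DeleteSubdirectoriesAndFiles -bor
                   $fsr::ChangePermissions -bor $fsr::TakeOwnership)
# Get-Acl can return raw generic bits: GENERIC_ALL (0x10000000), GENERIC_WRITE (0x40000000).
$genericMask = 0x10000000 -bor 0x40000000

# The directory itself plus everything beneath it (hidden items included).
$items = @(Get-Item -LiteralPath $InstallDir) +
         @(Get-ChildItem -LiteralPath $InstallDir -Recurse -Force -ErrorAction SilentlyContinue)

$findings = foreach ($item in $items) {
    $acl = Get-Acl -LiteralPath $item.FullName
    # Explicit and inherited rules, with identities translated to SIDs.
    $rules = $acl.GetAccessRules($true, $true, [System.Security.Principal.SecurityIdentifier])
    foreach ($rule in $rules) {
        $sid = $rule.IdentityReference.Value
        if ($rule.AccessControlType -ne 'Allow' -or -not $broadSids.ContainsKey($sid)) { continue }
        $rights = [int]$rule.FileSystemRights
        if (($rights -band $writeMask) -or ($rights -band $genericMask)) {
            [pscustomobject]@{
                Path      = $item.FullName
                Principal = $broadSids[$sid]
                Rights    = $rule.FileSystemRights
                Inherited = $rule.IsInherited
            }
        }
    }
}

$findings | Sort-Object Path | Format-Table -AutoSize
if (-not $findings) { "No write-capable ACEs for broad groups under $InstallDir" }
```

Any row for the uninstaller or the executables named above means an unprivileged user can replace that file; rows marked as inherited point to the parent directory's ACL as the place to fix.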
What immediate steps should I take to mitigate this vulnerability?
Immediately restrict the permissions on the GPMAW installation directory and its files to prevent unprivileged users from modifying them. Remove write and execute permissions for non-administrative users on the directory and critical executable files such as GPMAW3.exe, Fragment.exe, and GPsetup64_17028.exe. Ensure that only trusted administrators have full control. Additionally, monitor for any unauthorized changes to these files and consider applying any available patches or updates from the vendor once released.