CVE-2025-50675: n/a

High
Published: Thu Aug 07 2025 (08/07/2025, 00:00:00 UTC)
Source: CVE Database V5

Description

GPMAW 14, a bioinformatics software, has a critical vulnerability related to insecure file permissions in its installation directory. The directory is accessible with full read, write, and execute permissions for all users, allowing unprivileged users to manipulate files within the directory, including executable files like GPMAW3.exe, Fragment.exe, and the uninstaller GPsetup64_17028.exe. An attacker with user-level access can exploit this misconfiguration by replacing or modifying the uninstaller (GPsetup64_17028.exe) with a malicious version. While the application itself runs in the user's context, the uninstaller is typically executed with administrative privileges when an administrator attempts to uninstall the software. By exploiting this flaw, an attacker could gain administrative privileges and execute arbitrary code in the context of the admin, resulting in privilege escalation.

AI-Powered Analysis

Last updated: 08/15/2025, 01:15:48 UTC

Technical Analysis

CVE-2025-50675 is a critical vulnerability affecting GPMAW 14, a bioinformatics software suite. The core issue stems from insecure file permissions on the software's installation directory, which is configured to allow full read, write, and execute permissions for all users. This misconfiguration enables any unprivileged user on the system to manipulate files within this directory, including critical executables such as GPMAW3.exe, Fragment.exe, and notably the uninstaller executable GPsetup64_17028.exe.

The uninstaller is typically executed with administrative privileges when an administrator initiates the software removal process. An attacker with standard user-level access can exploit this vulnerability by replacing or modifying the uninstaller executable with a malicious payload. When an administrator later runs the uninstaller, the malicious code executes with elevated privileges, effectively allowing privilege escalation from a low-privilege user to administrative control.

This vulnerability is categorized under CWE-732, which relates to incorrect permissions on critical resources. The CVSS v3.1 base score is 7.8, reflecting high severity, with attack vector local (AV:L), low attack complexity (AC:L), requiring low privileges (PR:L), no user interaction (UI:N), unchanged scope (S:U), and high impact on confidentiality, integrity, and availability (C:H/I:H/A:H). No known exploits are reported in the wild yet, but the vulnerability presents a significant risk due to the ease of exploitation and potential for complete system compromise. The lack of available patches or mitigations from the vendor at this time further exacerbates the risk.

Potential Impact

For European organizations, particularly those involved in bioinformatics, pharmaceuticals, or healthcare research, this vulnerability poses a severe threat. Exploitation could lead to unauthorized administrative access on critical research or production systems, potentially resulting in data theft, manipulation of sensitive biological data, disruption of research workflows, or deployment of persistent malware. Given the sensitive nature of bioinformatics data, confidentiality breaches could have regulatory and reputational consequences under GDPR and other data protection laws. The integrity and availability of research data and software environments could be compromised, impacting ongoing scientific projects and collaborations. Additionally, since the vulnerability requires only local user access, insider threats or attackers who gain initial footholds through other means could leverage this flaw to escalate privileges and move laterally within networks. The absence of patches means organizations must rely on compensating controls to mitigate risk, increasing operational complexity.

Mitigation Recommendations

To mitigate this vulnerability effectively, European organizations should take the following specific actions:

1) Immediately audit the file permissions of the GPMAW installation directory on all systems and restrict access to only trusted administrative users. Remove write and execute permissions for non-administrative users to prevent unauthorized modifications.
2) Implement strict endpoint security controls, including application whitelisting and integrity monitoring, to detect and prevent unauthorized changes to executable files within the GPMAW directory.
3) Enforce the principle of least privilege by limiting user accounts that have local access to systems running GPMAW, reducing the attack surface.
4) Monitor logs and system behavior for unusual uninstaller executions or modifications to GPsetup64_17028.exe.
5) Consider isolating bioinformatics workstations or servers in segmented network zones with enhanced access controls to limit lateral movement.
6) Engage with the software vendor to request a patch or official guidance and subscribe to vulnerability advisories for updates.
7) As a temporary workaround, disable or restrict the use of the uninstaller executable where feasible, or require manual verification before uninstallation processes proceed.

These targeted measures go beyond generic advice by focusing on permission hardening, monitoring, and operational controls tailored to the specific exploitation vector.

Technical Details

Data Version: 5.1
Assigner Short Name: mitre
Date Reserved: 2025-06-16T00:00:00.000Z
Cvss Version: null
State: PUBLISHED

Threat ID: 6894f4d0ad5a09ad00fbae3f

Added to database: 8/7/2025, 6:47:44 PM

Last enriched: 8/15/2025, 1:15:48 AM

Last updated: 9/9/2025, 1:15:24 PM
