CVE-2026-15684: CWE-59: Improper Link Resolution Before File Access ('Link Following') in Glarysoft Glary Utilities
CVE-2026-15684 is a local privilege escalation vulnerability in Glarysoft Glary Utilities version 6.24.0.28. It arises from improper link resolution in the Disk Clean functionality, allowing an attacker with low-privileged code execution to create a junction that causes arbitrary file deletion. Successful exploitation can lead to privilege escalation to SYSTEM level and arbitrary code execution.
AI Analysis
Technical Summary
This vulnerability (CWE-59) in Glarysoft Glary Utilities 6.24.0.28 involves improper link resolution before file access within the Disk Clean feature. An attacker who can execute code with limited privileges can create a junction point that the service follows, resulting in deletion of arbitrary files. This can be leveraged to escalate privileges and execute code with SYSTEM privileges. The vulnerability was tracked as ZDI-CAN-27004 and has a CVSS 3.0 score of 7.3, indicating high severity.
Potential Impact
An attacker with the ability to run low-privileged code on the affected system can exploit this flaw to delete arbitrary files and escalate privileges to SYSTEM. This can lead to full system compromise, including arbitrary code execution with the highest privileges.
Mitigation Recommendations
No official patch or remediation is currently confirmed for this vulnerability. Users should monitor the vendor's advisory for updates. Until a fix is available, avoid running untrusted code with any privileges on affected versions. Restrict local access to trusted users to reduce risk.
CVE-2026-15684: CWE-59: Improper Link Resolution Before File Access ('Link Following') in Glarysoft Glary Utilities
Description
CVE-2026-15684 is a local privilege escalation vulnerability in Glarysoft Glary Utilities version 6.24.0.28. It arises from improper link resolution in the Disk Clean functionality, allowing an attacker with low-privileged code execution to create a junction that causes arbitrary file deletion. Successful exploitation can lead to privilege escalation to SYSTEM level and arbitrary code execution.
CVSS v3.0
Score 7.3high
Affected software
Weaknesses
AI-Powered Analysis
Machine-generated threat intelligence
Technical Analysis
This vulnerability (CWE-59) in Glarysoft Glary Utilities 6.24.0.28 involves improper link resolution before file access within the Disk Clean feature. An attacker who can execute code with limited privileges can create a junction point that the service follows, resulting in deletion of arbitrary files. This can be leveraged to escalate privileges and execute code with SYSTEM privileges. The vulnerability was tracked as ZDI-CAN-27004 and has a CVSS 3.0 score of 7.3, indicating high severity.
Potential Impact
An attacker with the ability to run low-privileged code on the affected system can exploit this flaw to delete arbitrary files and escalate privileges to SYSTEM. This can lead to full system compromise, including arbitrary code execution with the highest privileges.
Mitigation Recommendations
No official patch or remediation is currently confirmed for this vulnerability. Users should monitor the vendor's advisory for updates. Until a fix is available, avoid running untrusted code with any privileges on affected versions. Restrict local access to trusted users to reduce risk.
Technical Details
- Data Version
- 5.2
- Assigner Short Name
- zdi
- Date Reserved
- 2026-07-13T21:29:44.054Z
- Cvss Version
- 3.0
- State
- PUBLISHED
- Remediation Level
- null
Threat ID: 6a555d1568715ace43ecaae9
Added to database: 07/13/2026, 21:48:05 UTC
Last enriched: 07/13/2026, 22:03:57 UTC
Last updated: 07/13/2026, 22:19:37 UTC
Views: 3
Community Reviews
0 reviewsCrowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.
Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.
Actions
Updates to AI analysis require Pro Console access. Upgrade inside Console → Billing.
External Links
Need more coverage?
Upgrade to Pro Console for AI refresh and higher limits.
For incident response and remediation, OffSeq services can help resolve threats faster.
Latest Threats
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.