Security Advisory

CVE-2024-11857

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-06-02 03:24:16
Last updated 2025-06-02 03:46:40
Assigner twcert
State PUBLISHED

Description

Bluetooth HCI Adaptor from Realtek has a Link Following vulnerability. Local attackers with regular privileges can create a symbolic link with the same name as a specific file, causing the product to delete arbitrary files pointed to by the link. Subsequently, attackers can leverage arbitrary file deletion to privilege escalation.