Описание
An exploitable local privilege escalation vulnerability exists in the privileged helper tool of GOG Galaxy's Games, version 1.2.47 for macOS. An attacker can globally adjust folder permissions leading to execution of arbitrary code with elevated privileges.
Ссылки
- Third Party Advisory
- Third Party Advisory
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:gog:galaxy:1.2.47:*:*:*:*:macos:*:*
EPSS
Процентиль: 23%
0.00076
Низкий
7.1 High
CVSS3
7.8 High
CVSS3
7.2 High
CVSS2
Дефекты
CWE-732
Связанные уязвимости
CVSS3: 7.8
github
больше 3 лет назад
An exploitable local privilege escalation vulnerability exists in the privileged helper tool of GOG Galaxy's Games, version 1.2.47 for macOS. An attacker can globally adjust folder permissions leading to execution of arbitrary code with elevated privileges.
EPSS
Процентиль: 23%
0.00076
Низкий
7.1 High
CVSS3
7.8 High
CVSS3
7.2 High
CVSS2
Дефекты
CWE-732