Описание
An issue was discovered in GOG Galaxy Client 2.0.17. Local escalation of privileges is possible when a user starts or uninstalls a game because of weak file permissions and missing file integrity checks.
Ссылки
- Third Party Advisory
- Third Party Advisory
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:gog:galaxy:2.0.17:*:*:*:*:windows:*:*
EPSS
Процентиль: 27%
0.00097
Низкий
7.8 High
CVSS3
9.3 Critical
CVSS2
Дефекты
CWE-732
Связанные уязвимости
github
больше 3 лет назад
An issue was discovered in GOG Galaxy Client 2.0.17. Local escalation of privileges is possible when a user starts or uninstalls a game because of weak file permissions and missing file integrity checks.
EPSS
Процентиль: 27%
0.00097
Низкий
7.8 High
CVSS3
9.3 Critical
CVSS2
Дефекты
CWE-732