exploitDog

CVE-2023-31462

Опубликовано: 20 июл. 2023

Источник: nvd

CVSS3: 8.8

EPSS Низкий

Описание

An issue was discovered in SteelSeries GG 36.0.0. An attacker can change values in an unencrypted database that is writable for all users on the computer, in order to trigger code execution with higher privileges.

Ссылки

https://steelseries.com/gg
Product
https://www.akamai.com/blog/security-research/exploit-steelseries-subapp-privilege-escalation
Exploit
Third Party Advisory
https://steelseries.com/gg
Product
https://www.akamai.com/blog/security-research/exploit-steelseries-subapp-privilege-escalation
Exploit
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:steelseries:gg:36.0.0:*:*:*:*:*:*:*

EPSS

Процентиль: 85%

0.02387

Низкий

8.8 High

CVSS3

Дефекты

NVD-CWE-noinfo

CWE-276

Связанные уязвимости

GHSA-f37h-8vvr-p524

CVSS3: 8.8

github

больше 2 лет назад

An issue was discovered in SteelSeries GG 36.0.0. An attacker can change values in an unencrypted database that is writable for all users on the computer, in order to trigger code execution with higher privileges.

EPSS

Процентиль: 85%

0.02387

Низкий

8.8 High

CVSS3

Дефекты

NVD-CWE-noinfo

CWE-276