CVE-2018-4049
9.3
CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
Summary
An exploitable local privilege elevation vulnerability exists in the file system permissions of GOG Galaxy's “Games” directory, version 1.2.48.36 (Windows 64-bit Installer). An attacker can overwrite executables of installed games to exploit this vulnerability and execute arbitrary code with elevated privileges.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| GOG.COM | GOG Galaxy | Gog Galaxy 1.2.48.36 (Windows 64-bit Installer) | affected |
Weaknesses
- local privilege elevation
ADP Enrichment
CVE Program Container
Additional References
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.