CVE-2023-50914
6.7
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:L
Summary
A Privilege Escalation issue in the inter-process communication procedure from GOG Galaxy (Beta) 2.0.67.2 through v2.0.71.2 allows authentictaed users to change the DACL of arbitrary system directories to include Everyone full control permissions by modifying the FixDirectoryPrivileges instruction parameters sent from GalaxyClient.exe to GalaxyClientService.exe.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | n/a | n/a | affected |
Weaknesses
- n/a
ADP Enrichment
CISA ADP Vulnrichment
- SSVC:
- Exploitation: poc
- Automatable: no
- Technical Impact: total
CVE Program Container
Additional References
- https://www.positronsecurity.com/blog/2020-08-13-gog-galaxy_client-local-privilege-escalation_deuce/
- https://support.gog.com/hc/en-us/categories/201553005-Downloads-Installing?product=gog
- https://github.com/anvilsecure/gog-galaxy-app-research
- https://github.com/anvilsecure/gog-galaxy-app-research/blob/main/advisories/CVE-2023-50914%20-%20LPE.md
References
- https://www.positronsecurity.com/blog/2020-08-13-gog-galaxy_client-local-privilege-escalation_deuce/
- https://support.gog.com/hc/en-us/categories/201553005-Downloads-Installing?product=gog
- https://github.com/anvilsecure/gog-galaxy-app-research
- https://github.com/anvilsecure/gog-galaxy-app-research/blob/main/advisories/CVE-2023-50914%20-%20LPE.md
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.