← volver
CVE-2022-31262

CVE-2022-31262

EPSS 0.5%
An exploitable local privilege escalation vulnerability exists in GOG Galaxy 2.0.46. Due to insufficient folder permissions, an attacker can hijack the %ProgramData%\GOG.com folder structure and change the GalaxyCommunication service executable to a malicious file, resulting in code execution as SYSTEM.
Productos afectados
n/a · n/a

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
https://github.com/secure-77/CVE-2022-31262https://secure77.de/category/subjects/researches/https://secure77.de/gog-galaxy-cve-2022-31262/https://www.youtube.com/watch?v=Bgdbx5TJShI