← voltar
CVE-2022-31262

CVE-2022-31262

EPSS 0.5%
An exploitable local privilege escalation vulnerability exists in GOG Galaxy 2.0.46. Due to insufficient folder permissions, an attacker can hijack the %ProgramData%\GOG.com folder structure and change the GalaxyCommunication service executable to a malicious file, resulting in code execution as SYSTEM.
Produtos afetados
n/a · n/a

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
https://github.com/secure-77/CVE-2022-31262https://secure77.de/category/subjects/researches/https://secure77.de/gog-galaxy-cve-2022-31262/https://www.youtube.com/watch?v=Bgdbx5TJShI