CVE-2023-50914

high

Description

A Privilege Escalation issue in the inter-process communication procedure of GOG Galaxy (Beta) 2.0.67.2 through v2.0.71.2 allows authenticated users to change the DACL of arbitrary system directories to include Everyone full control permissions by modifying the FixDirectoryPrivileges instruction parameters sent from GalaxyClient.exe to GalaxyClientService.exe.

References

https://www.positronsecurity.com/blog/2020-08-13-gog-galaxy_client-local-privilege-escalation_deuce/

https://support.gog.com/hc/en-us/categories/201553005-Downloads-Installing?product=gog

https://github.com/anvilsecure/gog-galaxy-app-research/blob/main/advisories/CVE-2023-50914%20-%20LPE.md

https://github.com/anvilsecure/gog-galaxy-app-research

Details

Source: Mitre, NVD

Published: 2024-04-30

Updated: 2024-04-30

Risk Information

CVSS v2

Base Score: 7.5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

Severity: High

CVSS v3

Base Score: 8.8

Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Severity: High