CVSS: 9.3EPSS: 0%CPEs: 1EXPL: 0CVE-2020-15528
https://notcve.org/view.php?id=CVE-2020-15528
05 Jul 2020 — An issue was discovered in GOG Galaxy Client 2.0.17. Local escalation of privileges is possible when a user starts or uninstalls a game because of weak file permissions and missing file integrity checks. Se detectó un problema en GOG Galaxy Client versión 2.0.17. Una escalada local de privilegios es posible cuando un usuario inicia o desinstala un juego debido a permisos de archivos débiles y a una falta de comprobaciones de integridad de archivos • http://daniels-it-blog.blogspot.com/2020/07/gog-galaxy-escalation-of-privileges.html • CWE-732: Incorrect Permission Assignment for Critical Resource •
CVSS: 9.3EPSS: 0%CPEs: 1EXPL: 0CVE-2020-15529
https://notcve.org/view.php?id=CVE-2020-15529
05 Jul 2020 — An issue was discovered in GOG Galaxy Client 2.0.17. Local escalation of privileges is possible when a user installs a game or performs a verify/repair operation. The issue exists because of weak file permissions and can be exploited by using opportunistic locks. Se detectó un problema en GOG Galaxy Client versión 2.0.17. Una escalada local de privilegios es posible cuando un usuario instala un juego o realiza una operación de verificación y reparación. • http://daniels-it-blog.blogspot.com/2020/07/gog-galaxy-escalation-of-privileges.html • CWE-667: Improper Locking CWE-732: Incorrect Permission Assignment for Critical Resource •
CVSS: 8.8EPSS: 0%CPEs: 2EXPL: 2CVE-2020-7352 – GOG Galaxy GalaxyClientService Privilege Escalation
https://notcve.org/view.php?id=CVE-2020-7352
15 Jun 2020 — The GalaxyClientService component of GOG Galaxy runs with elevated SYSTEM privileges in a Windows environment. Due to the software shipping with embedded, static RSA private key, an attacker with this key material and local user permissions can effectively send any operating system command to the service for execution in this elevated context. The service listens for such commands on a locally-bound network port, localhost:9978. A Metasploit module has been published which exploits this vulnerability. This ... • https://github.com/szerszen199/PS-CVE-2020-7352 • CWE-264: Permissions, Privileges, and Access Controls CWE-798: Use of Hard-coded Credentials •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 1CVE-2019-15511
https://notcve.org/view.php?id=CVE-2019-15511
21 Nov 2019 — An exploitable local privilege escalation vulnerability exists in the GalaxyClientService installed by GOG Galaxy. Due to Improper Access Control, an attacker can send unauthenticated local TCP packets to the service to gain SYSTEM privileges in Windows system where GOG Galaxy software is installed. All GOG Galaxy versions before 1.2.60 and all corresponding versions of GOG Galaxy 2.0 Beta are affected. Se presenta una vulnerabilidad de escalada de privilegios local explotable en el GalaxyClientService inst... • https://github.com/adenkiewicz/CVE-2019-15511 • CWE-306: Missing Authentication for Critical Function •
CVSS: 9.3EPSS: 0%CPEs: 1EXPL: 1CVE-2018-4048
https://notcve.org/view.php?id=CVE-2018-4048
30 May 2019 — An exploitable local privilege elevation vulnerability exists in the file system permissions of the `Temp` directory in GOG Galaxy 1.2.48.36 (Windows 64-bit Installer). An attacker can overwrite executables of the Desktop Galaxy Updater to exploit this vulnerability and execute arbitrary code with SYSTEM privileges. Existe una vulnerabilidad de privilegio local aprovechable en en los permisos del sistema de archivos del directorio `Temp` en GOG Galaxy 1.2.48.36 (Instalador de Windows de 64 bits). Un atacant... • https://talosintelligence.com/vulnerability_reports/TALOS-2018-0722 • CWE-668: Exposure of Resource to Wrong Sphere •
CVSS: 9.3EPSS: 0%CPEs: 1EXPL: 0CVE-2018-4049
https://notcve.org/view.php?id=CVE-2018-4049
02 Apr 2019 — An exploitable local privilege elevation vulnerability exists in the file system permissions of GOG Galaxy's “Games” directory, version 1.2.48.36 (Windows 64-bit Installer). An attacker can overwrite executables of installed games to exploit this vulnerability and execute arbitrary code with elevated privileges. Existe una vulnerabilidad de elevación de privilegios local explotable en los permisos del sistema de archivos del directorio de "Juegos" de GOG Galaxy, versión 1.2.48.36 (Windows 64-bit Installer).... • https://talosintelligence.com/vulnerability_reports/TALOS-2018-0723 • CWE-732: Incorrect Permission Assignment for Critical Resource •
CVSS: 6.2EPSS: 0%CPEs: 1EXPL: 0CVE-2018-4053
https://notcve.org/view.php?id=CVE-2018-4053
02 Apr 2019 — An exploitable local denial-of-service vulnerability exists in the privileged helper tool of GOG Galaxy's Games, version 1.2.47 for macOS. An attacker can send malicious data to the root-listening service, causing the application to terminate and become unavailable. Existe una vulnerabilidad de denegación de servicio (DoS) local explotable en la herramienta "helper" privilegiada de los juegos de GOG Galaxy, en su versión 1.2.47 para macOS. Un atacante puede enviar datos maliciosos al servicio de escucha roo... • https://talosintelligence.com/vulnerability_reports/TALOS-2018-0727 • CWE-20: Improper Input Validation •
CVSS: 7.1EPSS: 0%CPEs: 1EXPL: 0CVE-2018-4051
https://notcve.org/view.php?id=CVE-2018-4051
02 Apr 2019 — An exploitable local privilege escalation vulnerability exists in the privileged helper tool of GOG Galaxy's Games, version 1.2.47 for macOS. An attacker can globally create directories and subdirectories on the root file system, as well as change the permissions of existing directories. Existe una vulnerabilidad de escalado de privilegios local explotable en la herramienta helper privilegiada de los juegos de GOG Galaxy, en su versión 1.2.47 para macOS. Un atacante puede crear directorios y subdirectorios ... • https://www.talosintelligence.com/vulnerability_reports/TALOS-2018-0725 • CWE-732: Incorrect Permission Assignment for Critical Resource •
CVSS: 6.2EPSS: 0%CPEs: 1EXPL: 0CVE-2018-4052
https://notcve.org/view.php?id=CVE-2018-4052
02 Apr 2019 — An exploitable local information leak vulnerability exists in the privileged helper tool of GOG Galaxy's Games, version 1.2.47 for macOS. An attacker can pass a PID and receive information running on it that would usually only be accessible to the root user. Existe una vulnerabilidad de fuga de información local explotable en la herramienta helper privilegiada de los juegos de GOG Galaxy, en su versión 1.2.47 para macOS. Un atacante puede pasar un PID y recibir información que se está ejecutando en el archi... • https://talosintelligence.com/vulnerability_reports/TALOS-2018-0726 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 9.3EPSS: 0%CPEs: 1EXPL: 1CVE-2018-3974
https://notcve.org/view.php?id=CVE-2018-3974
02 Apr 2019 — An exploitable local privilege elevation vulnerability exists in the file system permissions of GOG Galaxy's install directory. An attacker can overwrite an executable that is launched as a system service on boot by default to exploit this vulnerability and execute arbitrary code with system privileges. Existe una vulnerabilidad explotable de escalado de privilegios local en los permisos de sistema de archivos del directorio de instalación de GOG Galaxy. Un atacante puede sobrescribir ejecutables que se lan... • https://talosintelligence.com/vulnerability_reports/TALOS-2018-0640 • CWE-732: Incorrect Permission Assignment for Critical Resource •