Security Advisory

CVE-2020-15530

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2020-07-05 00:31:24

Last updated 2024-08-04 13:15:20

Assigner mitre

State PUBLISHED

Description

An issue was discovered in Valve Steam Client 2.10.91.91. The installer allows local users to gain NT AUTHORITYSYSTEM privileges because some parts of %PROGRAMFILES(X86)%Steam and/or %COMMONPROGRAMFILES(X86)%Steam have weak permissions during a critical time window. An attacker can make this time window arbitrarily long by using opportunistic locks.

← Browse all CVEs View on cve.org ↗