Security Advisory

CVE-2022-31262

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2022-08-17 14:37:42

Last updated 2024-08-03 07:11:39

Assigner mitre

State PUBLISHED

Description

An exploitable local privilege escalation vulnerability exists in GOG Galaxy 2.0.46. Due to insufficient folder permissions, an attacker can hijack the %ProgramData%GOG.com folder structure and change the GalaxyCommunication service executable to a malicious file, resulting in code execution as SYSTEM.

← Browse all CVEs View on cve.org ↗