Today > 1 Critical | 2 High | 6 Medium vulnerabilities   -   You can now download lists of IOCs here!

CVE-2023-50915

April 30, 2024, 5:52 p.m.

Tags

Product(s) Impacted

GOG Galaxy (Beta)

  • 2.0.67.2
  • 2.0.71.2

Description

An issue exists in GalaxyClientService.exe in GOG Galaxy (Beta) 2.0.67.2 through 2.0.71.2 that could allow authenticated users to overwrite and corrupt critical system files via a combination of an NTFS Junction and an RPC Object Manager symbolic link and could result in a denial of service.

Weaknesses

Date

Published: April 30, 2024, 2:15 p.m.

Last Modified: April 30, 2024, 5:52 p.m.

Status : Awaiting Analysis

CVE has been recently published to the CVE List and has been received by the NVD.

More info

Source

cve@mitre.org

References