Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Valve Steam Client for Windows through 2019-08-16 allows privilege escalation (to NT AUTHORITY\SYSTEM) because local users can replace the current versions of SteamService.exe and SteamService.dll with older versions that lack the CVE-2019-14743 patch.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Valve Steam Client for Windows 权限许可和访问控制问题漏洞
Vulnerability Description
Valve Steam是美国Valve公司的一套游戏发行管理平台。该平台提供数字版权管理、多人游戏、流媒体和社交网络服务等功能。 Valve Steam Client for Windows 2019-08-16及之前版本中存在权限许可和访问控制问题漏洞。本地攻击者可通过使用不含CVE-2019-14743补丁的SteamService.exe和SteamService.dll老版本替换掉当前的版本利用该漏洞将权限提升至NT AUTHORITYSYSTEM。
CVSS Information
N/A
Vulnerability Type
N/A