Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
An exploitable local privilege escalation vulnerability exists in the GalaxyClientService installed by GOG Galaxy. Due to Improper Access Control, an attacker can send unauthenticated local TCP packets to the service to gain SYSTEM privileges in Windows system where GOG Galaxy software is installed. All GOG Galaxy versions before 1.2.60 and all corresponding versions of GOG Galaxy 2.0 Beta are affected.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
GOG Galaxy 安全漏洞
Vulnerability Description
GOG Galaxy是波兰GOG公司的一款游戏客户端程序。该程序用于安装、启动和更新游戏。 GOG Galaxy 1.2.60之前版本和2.0.0版本至2.0.8版本中所安装的GalaxyClientService存在提权漏洞,该漏洞源于不正确的访问控制。攻击者可通过发送未经身份验证的本地TCP数据包利用该漏洞在Windows系统中获取SYSTEM权限。
CVSS Information
N/A
Vulnerability Type
N/A