EDB-ID: 49739 CVE: N/A Author: George Tsimpidas Type: Local Platform: Windows Date: 2021-04-05 Vulnerable App: Rockstar Games Launcher (Version Patch: 1.0.37.349) Vulnerability Description Vulnerability: Insecure File Permissions Affected File: RockstarService.exe Cause: Weak set of permissions granted to the "Authenticated Users Group" with "Modify Privilege" Impact: Allows an "Authenticated User" to modify the existing executable file of the service with a binary of their choice, leading to privilege escalation. Proof of Concept (PoC) Steps 1. Move RockstarService.exe to a new name. 2. Create a malicious binary on Kali Linux using MSF. 3. Transfer the created RockstarService.exe to the Windows host. 4. Replace the old RockstarService.exe with the new malicious one. 5. Start the service. 6. Verify the new user is added to the Administrators group.