cve/CVE-2020-15530.md at 02b2e6ec35cdb7986441d4aba09d9792f0abaf03

admin/cve

mirror of https://github.com/0xMarcio/cve.git synced 2025-05-07 11:06:19 +00:00

0xMarcio 48a00929ac Removed duplicates

2024-06-18 02:51:15 +02:00

Description

An issue was discovered in Valve Steam Client 2.10.91.91. The installer allows local users to gain NT AUTHORITY\SYSTEM privileges because some parts of %PROGRAMFILES(X86)%\Steam and/or %COMMONPROGRAMFILES(X86)%\Steam have weak permissions during a critical time window. An attacker can make this time window arbitrarily long by using opportunistic locks.

POC

Reference

http://daniels-it-blog.blogspot.com/2020/07/steam-arbitrary-code-execution-part-2.html

Github

No PoCs found on GitHub currently.

863 B Raw Blame History

CVE-2020-15530

Description

POC

Reference

Github

863 B

Raw Blame History