CVE-2019-15316

Sažetak

Valve Steam Client for Windows through 2019-08-20 has weak folder permissions, leading to privilege escalation (to NT AUTHORITY\SYSTEM) via crafted use of CreateMountPoint.exe and SetOpLock.exe to leverage a TOCTOU race condition.

Reference

https://amonitoring.ru/article/onemore_steam_eop_0day/
https://habr.com/ru/company/pm/blog/464367/
https://www.youtube.com/watch?v=I93aH86BUaE
https://www.youtube.com/watch?v=ZCHrjP0cMew

CVSS

Base:	6.9
Impact:	10.0
Exploitability:	3.4

Pristup

Vektor	Složenost	Autentikacija
LOCAL	MEDIUM	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
COMPLETE	COMPLETE	COMPLETE

CVSS vektor

AV:L/AC:M/Au:N/C:C/I:C/A:C

Zadnje važnije ažuriranje

24-08-2020 - 17:37

Objavljeno

21-08-2019 - 20:15