cnvd - cnvd-2019-39725

CNVD-2019-39725

Vulnerability from cnvd - Published: 2019-11-07

Title

GOG Galaxy权限提升漏洞（CNVD-2019-39725）

Description

GOG Galaxy是一款游戏客户端程序。该程序用于安装、启动和更新游戏。 GOG Galaxy中存在安全漏洞，该漏洞源于网络系统或产品未对输入的数据进行正确的验证。攻击者可利用该漏洞调整文件夹权限，从而以更高的特权执行任意代码。

Severity

高

Formal description

厂商尚未提供漏洞修补方案，请关注厂商主页及时更新： https://www.gog.com/

Reference

https://www.talosintelligence.com/vulnerability_reports/TALOS-2018-0724

Impacted products

Name
GOG Galaxy 1.2.47

Show details on source website

JSON

To clipboard

{
  "cves": {
    "cve": {
      "cveNumber": "CVE-2018-4050",
      "cveUrl": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-4050"
    }
  },
  "description": "GOG Galaxy\u662f\u4e00\u6b3e\u6e38\u620f\u5ba2\u6237\u7aef\u7a0b\u5e8f\u3002\u8be5\u7a0b\u5e8f\u7528\u4e8e\u5b89\u88c5\u3001\u542f\u52a8\u548c\u66f4\u65b0\u6e38\u620f\u3002\n\nGOG Galaxy\u4e2d\u5b58\u5728\u5b89\u5168\u6f0f\u6d1e\uff0c\u8be5\u6f0f\u6d1e\u6e90\u4e8e\u7f51\u7edc\u7cfb\u7edf\u6216\u4ea7\u54c1\u672a\u5bf9\u8f93\u5165\u7684\u6570\u636e\u8fdb\u884c\u6b63\u786e\u7684\u9a8c\u8bc1\u3002\u653b\u51fb\u8005\u53ef\u5229\u7528\u8be5\u6f0f\u6d1e\u8c03\u6574\u6587\u4ef6\u5939\u6743\u9650\uff0c\u4ece\u800c\u4ee5\u66f4\u9ad8\u7684\u7279\u6743\u6267\u884c\u4efb\u610f\u4ee3\u7801\u3002",
  "formalWay": "\u5382\u5546\u5c1a\u672a\u63d0\u4f9b\u6f0f\u6d1e\u4fee\u8865\u65b9\u6848\uff0c\u8bf7\u5173\u6ce8\u5382\u5546\u4e3b\u9875\u53ca\u65f6\u66f4\u65b0\uff1a\r\nhttps://www.gog.com/",
  "isEvent": "\u901a\u7528\u8f6f\u786c\u4ef6\u6f0f\u6d1e",
  "number": "CNVD-2019-39725",
  "openTime": "2019-11-07",
  "products": {
    "product": "GOG Galaxy 1.2.47"
  },
  "referenceLink": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2018-0724",
  "serverity": "\u9ad8",
  "submitTime": "2019-04-09",
  "title": "GOG Galaxy\u6743\u9650\u63d0\u5347\u6f0f\u6d1e\uff08CNVD-2019-39725\uff09"
}

CVE-2018-4050 (GCVE-0-2018-4050)

Vulnerability from cvelistv5 – Published: 2019-04-01 18:29 – Updated: 2024-08-05 05:04

Summary

An exploitable local privilege escalation vulnerability exists in the privileged helper tool of GOG Galaxy's Games, version 1.2.47 for macOS. An attacker can globally adjust folder permissions leading to execution of arbitrary code with elevated privileges.

Severity ?

7.1 (High)


                        
                          CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N

CWE

local privilege escalation

Assigner

talos

References

URL

Tags

https://talosintelligence.com/vulnerability_repor…

x_refsource_CONFIRM

Impacted products

	Vendor	Product	Version
	Talos	GOG Galaxy	Affected: Gog Galaxy 1.2.47 (macOS)

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T05:04:29.151Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2018-0724"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "GOG Galaxy",
          "vendor": "Talos",
          "versions": [
            {
              "status": "affected",
              "version": "Gog Galaxy 1.2.47 (macOS)"
            }
          ]
        }
      ],
      "datePublic": "2019-03-26T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "An exploitable local privilege escalation vulnerability exists in the privileged helper tool of GOG Galaxy\u0027s Games, version 1.2.47 for macOS. An attacker can globally adjust folder permissions leading to execution of arbitrary code with elevated privileges."
        }
      ],
      "metrics": [
        {
          "cvssV3_0": {
            "attackComplexity": "LOW",
            "attackVector": "LOCAL",
            "availabilityImpact": "NONE",
            "baseScore": 7.1,
            "baseSeverity": "HIGH",
            "confidentialityImpact": "NONE",
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "CHANGED",
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N",
            "version": "3.0"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "local privilege escalation",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2022-04-19T18:08:59",
        "orgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b",
        "shortName": "talos"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2018-0724"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "talos-cna@cisco.com",
          "ID": "CVE-2018-4050",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "GOG Galaxy",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "Gog Galaxy 1.2.47 (macOS)"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "Talos"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "An exploitable local privilege escalation vulnerability exists in the privileged helper tool of GOG Galaxy\u0027s Games, version 1.2.47 for macOS. An attacker can globally adjust folder permissions leading to execution of arbitrary code with elevated privileges."
            }
          ]
        },
        "impact": {
          "cvss": {
            "baseScore": 7.1,
            "baseSeverity": "High",
            "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N",
            "version": "3.0"
          }
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "local privilege escalation"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://talosintelligence.com/vulnerability_reports/TALOS-2018-0724",
              "refsource": "CONFIRM",
              "url": "https://talosintelligence.com/vulnerability_reports/TALOS-2018-0724"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b",
    "assignerShortName": "talos",
    "cveId": "CVE-2018-4050",
    "datePublished": "2019-04-01T18:29:38",
    "dateReserved": "2018-01-02T00:00:00",
    "dateUpdated": "2024-08-05T05:04:29.151Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CNVD-2019-39725

CVE-2018-4050 (GCVE-0-2018-4050)

Tags

Sightings

Nomenclature