Security Bulletin 10 Aug 2022 – Cyber Security Agency of Singapore

Security Bulletin 10 Aug 2022 – Cyber Security Agency of Singapore

CVE Number Description Base Score Reference CVE-2020-7352 The GalaxyClientService component of GOG Galaxy runs with elevated SYSTEM privileges in a Windows environment. Due to the software shipping with embedded, static RSA private key, an attacker with this key material and local user permissions can effectively send any operating system command to the service for execution in this elevated context. The service listens for such commands on a locally-bound network port, localhost:9978. A Metasploit module has been published which exploits this vulnerability. This issue affects the 2.0.x branch of the software 2.0.12 and earlier as well as the 1.2.x branch 1.2.64 and earlier . A fix was issued for the 2.0.x branch of the affected software. 8.8
Source link

About coldfusion

Check Also

Ransomware actor exploits unsupported ColdFusion servers — but comes away empty-handed

Servers are always a point of interest for threat actors as they are one of …

Leave a Reply

Your email address will not be published. Required fields are marked *