Valve Steam Client for Windows ... CVE-2019-15316

6.9 AV AC AU C I A
发布: 2019-08-21
修订: 2019-09-10

Valve Steam Client for Windows through 2019-08-20 has weak folder permissions, leading to privilege escalation (to NT AUTHORITY\SYSTEM) via crafted use of CreateMountPoint.exe and SetOpLock.exe to leverage a TOCTOU race condition.

0%
暂无可用Exp或PoC
当前有1条受影响产品信息