TalosCVELIST:CVE-2018-4050CVE-2018-4050
7.1 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
NONE
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N
0.0004 Low
EPSS
Percentile
5.1%
An exploitable local privilege escalation vulnerability exists in the privileged helper tool of GOG Galaxy’s Games, version 1.2.47 for macOS. An attacker can globally adjust folder permissions leading to execution of arbitrary code with elevated privileges.
CNA Affected
[
{
"product": "GOG Galaxy",
"vendor": "Talos",
"versions": [
{
"status": "affected",
"version": "Gog Galaxy 1.2.47 (macOS)"
}
]
}
]Related
7.1 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
NONE
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N
0.0004 Low
EPSS
Percentile
5.1%