7.1 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
NONE
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N
0.0004 Low
EPSS
Percentile
5.1%
An exploitable local privilege escalation vulnerability exists in the privileged helper tool of GOG Galaxy’s Games, version 1.2.47 for macOS. An attacker can globally create directories and subdirectories on the root file system, as well as change the permissions of existing directories.
[
{
"product": "GOG Galaxy",
"vendor": "GOG.COM",
"versions": [
{
"status": "affected",
"version": "Gog Galaxy 1.2.47 (macOS)"
}
]
}
]