Lucene search
K

4 matches found

CVE
CVE
added 2020/08/06 3:45 p.m.207 views

CVE-2020-7352

CVE-2020-7352 context : The GalaxyClientService in GOG Galaxy runs as SYSTEM on Windows. It ships with an embedded, static RSA private key and listens on localhost:9978, enabling a local attacker with user privileges to execute OS commands in elevated context via crafted inputs. The issue affects...

8.8CVSS8.7AI score0.03778EPSS
Exploits5References2Affected Software1
Circl
Circl
added 2020/06/15 2:42 p.m.17 views

CVE-2020-7352

creationtimestamp| type| source ---|---|--- 2020-06-15 14:42:43+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/windows/local/goggalaxyclientserviceprivesc.rb 2025-02-06 03:13:44+00:00| seen| MISP/a1e796df-2ad8-4c8d-8b69-737a004e72dd 2025-02-23...

8.8CVSS8.6AI score0.03778EPSS
Exploits5References1
0day.today
0day.today
added 2020/06/15 12:0 a.m.127 views

GOG GalaxyClientService Privilege Escalation Exploit

This Metasploit module will send arbitrary filepaths to the GOG GalaxyClientService, which will be executed with SYSTEM privileges verified on GOG Galaxy Client v1.2.62 and v2.0.12; prior versions are also likely affected. This module requires Metasploit: https://metasploit.com/download Current...

8.8CVSS1.3AI score0.03778EPSS
Exploits5
Metasploit
Metasploit
added 2020/05/18 9:9 p.m.45 views

GOG GalaxyClientService Privilege Escalation

This module will send arbitrary filepaths to the GOG GalaxyClientService, which will be executed with SYSTEM privileges verified on GOG Galaxy Client v1.2.62 and v2.0.12; prior versions are also likely affected. This module requires Metasploit: https://metasploit.com/download Current source:...

8.8CVSS1.2AI score0.03778EPSS
Exploits5
Rows per page
Query Builder