EUVD-2019-6498

Malware in sbrugna...

EUVD-2020-17293

Malware in sbrugna...

CVE-2020-7352

The GalaxyClientService component of GOG Galaxy runs with elevated SYSTEM privileges in a Windows environment. Due to the software shipping with embedded, static RSA private key, an attacker with this key material and local user permissions can effectively send any operating system command to the...

GOG GalaxyClientService Privilege Escalation Exploit

This Metasploit module will send arbitrary filepaths to the GOG GalaxyClientService, which will be executed with SYSTEM privileges verified on GOG Galaxy Client v1.2.62 and v2.0.12; prior versions are also likely affected. This module requires Metasploit: https://metasploit.com/download Current...

GOG GalaxyClientService Privilege Escalation

This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core/post/windows/services' require 'openssl' class MetasploitModule 'GOG GalaxyClientService Privilege Escalation', 'Description' = %q This module will sen...

GOG Galaxy elevation of privilege vulnerability (CNVD-2020-02829)

GOG Galaxy is a game client program. The program is used to install, launch and update games. An elevation of privilege vulnerability exists in the GalaxyClientService installed by GOG Galaxy, which stems from faulty access control. An attacker can exploit this vulnerability by sending...