CVE

CVE-2022-31262

admin

CVE-2022-31262

An exploitable local privilege escalation vulnerability exists in GOG Galaxy 2.0.46. Due to insufficient folder permissions, an attacker can hijack the %ProgramData%GOG.com folder structure and change the GalaxyCommunication service executable to a malicious file, resulting in code execution as SYSTEM.

Source: CVE-2022-31262

Exit mobile version