Vulnerability Details CVE-2019-14743
In Valve Steam Client for Windows through 2019-08-07, HKLM\SOFTWARE\Wow6432Node\Valve\Steam has explicit "Full control" for the Users group, which allows local users to gain NT AUTHORITY\SYSTEM access.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 3.6%
CVSS Severity
CVSS v3 Score 6.6
CVSS v2 Score 7.2
References
Products affected by CVE-2019-14743
-
cpe:2.3:a:valvesoftware:steam_client:-
-
cpe:2.3:a:valvesoftware:steam_client:2.10.91.91
-
cpe:2.3:a:valvesoftware:steam_client:2018-03-22
-
cpe:2.3:a:valvesoftware:steam_client:2018-03-26
-
cpe:2.3:a:valvesoftware:steam_client:2018-04-02
-
cpe:2.3:a:valvesoftware:steam_client:2018-04-04
-
cpe:2.3:a:valvesoftware:steam_client:2018-05-16
-
cpe:2.3:a:valvesoftware:steam_client:2018-05-18
-
cpe:2.3:a:valvesoftware:steam_client:2018-06-01
-
cpe:2.3:a:valvesoftware:steam_client:2018-07-24
-
cpe:2.3:a:valvesoftware:steam_client:2018-08-01
-
cpe:2.3:a:valvesoftware:steam_client:2018-08-08
-
cpe:2.3:a:valvesoftware:steam_client:2018-08-27
-
cpe:2.3:a:valvesoftware:steam_client:2018-08-29
-
cpe:2.3:a:valvesoftware:steam_client:2018-09-08
-
cpe:2.3:a:valvesoftware:steam_client:2018-10-10
-
cpe:2.3:a:valvesoftware:steam_client:2018-10-12
-
cpe:2.3:a:valvesoftware:steam_client:2018-11-08
-
cpe:2.3:a:valvesoftware:steam_client:2018-11-09
-
cpe:2.3:a:valvesoftware:steam_client:2018-11-26
-
cpe:2.3:a:valvesoftware:steam_client:2019-01-04
-
cpe:2.3:a:valvesoftware:steam_client:2019-02-01
-
cpe:2.3:a:valvesoftware:steam_client:2019-02-18
-
cpe:2.3:a:valvesoftware:steam_client:2019-03-05
-
cpe:2.3:a:valvesoftware:steam_client:2019-04-16
-
cpe:2.3:a:valvesoftware:steam_client:2019-04-29
-
cpe:2.3:a:valvesoftware:steam_client:2019-06-13
-
cpe:2.3:a:valvesoftware:steam_client:2019-06-14
-
cpe:2.3:a:valvesoftware:steam_client:2019-06-17
-
cpe:2.3:a:valvesoftware:steam_client:2019-07-16
-
cpe:2.3:a:valvesoftware:steam_client:2019-08-05
-
cpe:2.3:a:valvesoftware:steam_client:2019-08-07
-
cpe:2.3:o:microsoft:windows:-