Vulnerability Details CVE-2019-17180
Valve Steam Client before 2019-09-12 allows placing or appending partially controlled filesystem content, as demonstrated by file modifications on Windows in the context of NT AUTHORITY\SYSTEM. This could lead to denial of service, elevation of privilege, or unspecified other impact.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 27.7%
CVSS Severity
CVSS v3 Score 7.8
CVSS v2 Score 7.2
References
- https://amonitoring.ru/article/steam_vuln_3/
- https://habr.com/ru/company/pm/blog/469507/
- https://hackerone.com/reports/583184
- https://hackerone.com/reports/682774
- https://store.steampowered.com/news/54236/
- https://amonitoring.ru/article/steam_vuln_3/
- https://habr.com/ru/company/pm/blog/469507/
- https://hackerone.com/reports/583184
- https://hackerone.com/reports/682774
- https://store.steampowered.com/news/54236/
Products affected by CVE-2019-17180
-
cpe:2.3:a:valvesoftware:steam_client:-
-
cpe:2.3:a:valvesoftware:steam_client:2.10.91.91
-
cpe:2.3:a:valvesoftware:steam_client:2018-03-22
-
cpe:2.3:a:valvesoftware:steam_client:2018-03-26
-
cpe:2.3:a:valvesoftware:steam_client:2018-04-02
-
cpe:2.3:a:valvesoftware:steam_client:2018-04-04
-
cpe:2.3:a:valvesoftware:steam_client:2018-05-16
-
cpe:2.3:a:valvesoftware:steam_client:2018-05-18
-
cpe:2.3:a:valvesoftware:steam_client:2018-06-01
-
cpe:2.3:a:valvesoftware:steam_client:2018-07-24
-
cpe:2.3:a:valvesoftware:steam_client:2018-08-01
-
cpe:2.3:a:valvesoftware:steam_client:2018-08-08
-
cpe:2.3:a:valvesoftware:steam_client:2018-08-27
-
cpe:2.3:a:valvesoftware:steam_client:2018-08-29
-
cpe:2.3:a:valvesoftware:steam_client:2018-09-08
-
cpe:2.3:a:valvesoftware:steam_client:2018-10-10
-
cpe:2.3:a:valvesoftware:steam_client:2018-10-12
-
cpe:2.3:a:valvesoftware:steam_client:2018-11-08
-
cpe:2.3:a:valvesoftware:steam_client:2018-11-09
-
cpe:2.3:a:valvesoftware:steam_client:2018-11-26
-
cpe:2.3:a:valvesoftware:steam_client:2019-01-04
-
cpe:2.3:a:valvesoftware:steam_client:2019-02-01
-
cpe:2.3:a:valvesoftware:steam_client:2019-02-18
-
cpe:2.3:a:valvesoftware:steam_client:2019-03-05
-
cpe:2.3:a:valvesoftware:steam_client:2019-04-16
-
cpe:2.3:a:valvesoftware:steam_client:2019-04-29
-
cpe:2.3:a:valvesoftware:steam_client:2019-06-13
-
cpe:2.3:a:valvesoftware:steam_client:2019-06-14
-
cpe:2.3:a:valvesoftware:steam_client:2019-06-17
-
cpe:2.3:a:valvesoftware:steam_client:2019-07-16
-
cpe:2.3:a:valvesoftware:steam_client:2019-08-05
-
cpe:2.3:a:valvesoftware:steam_client:2019-08-07
-
cpe:2.3:a:valvesoftware:steam_client:2019-08-12
-
cpe:2.3:a:valvesoftware:steam_client:2019-08-16
-
cpe:2.3:a:valvesoftware:steam_client:2019-08-20
-
cpe:2.3:a:valvesoftware:steam_client:2019-08-21
-
cpe:2.3:a:valvesoftware:steam_client:2019-09-10
-
cpe:2.3:o:microsoft:windows:-