Shodan
Vulnerabilities
Vulnerable Software

Vulnerability Details CVE-2020-11827

In GOG Galaxy 1.2.67, there is a service that is vulnerable to weak file/service permissions: GalaxyClientService.exe. An attacker can put malicious code in a Trojan horse GalaxyClientService.exe. After that, the attacker can re-start this service as an unprivileged user to escalate his/her privileges and run commands on the machine with SYSTEM rights.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 6.4%
CVSS Severity
CVSS v3 Score 7.8
CVSS v2 Score 7.2
Products affected by CVE-2020-11827
  • Gog » Galaxy » Version: N/A
    cpe:2.3:a:gog:galaxy:-
  • Gog » Galaxy » Version: 1.2.0
    cpe:2.3:a:gog:galaxy:1.2.0
  • Gog » Galaxy » Version: 1.2.38
    cpe:2.3:a:gog:galaxy:1.2.38
  • Gog » Galaxy » Version: 1.2.39
    cpe:2.3:a:gog:galaxy:1.2.39
  • Gog » Galaxy » Version: 1.2.40
    cpe:2.3:a:gog:galaxy:1.2.40
  • Gog » Galaxy » Version: 1.2.41
    cpe:2.3:a:gog:galaxy:1.2.41
  • Gog » Galaxy » Version: 1.2.42
    cpe:2.3:a:gog:galaxy:1.2.42
  • Gog » Galaxy » Version: 1.2.43
    cpe:2.3:a:gog:galaxy:1.2.43
  • Gog » Galaxy » Version: 1.2.44
    cpe:2.3:a:gog:galaxy:1.2.44
  • Gog » Galaxy » Version: 1.2.45
    cpe:2.3:a:gog:galaxy:1.2.45
  • Gog » Galaxy » Version: 1.2.45.61
    cpe:2.3:a:gog:galaxy:1.2.45.61
  • Gog » Galaxy » Version: 1.2.46
    cpe:2.3:a:gog:galaxy:1.2.46
  • Gog » Galaxy » Version: 1.2.47
    cpe:2.3:a:gog:galaxy:1.2.47
  • Gog » Galaxy » Version: 1.2.48.36
    cpe:2.3:a:gog:galaxy:1.2.48.36
  • Gog » Galaxy » Version: 1.2.49
    cpe:2.3:a:gog:galaxy:1.2.49
  • Gog » Galaxy » Version: 1.2.50
    cpe:2.3:a:gog:galaxy:1.2.50
  • Gog » Galaxy » Version: 1.2.51
    cpe:2.3:a:gog:galaxy:1.2.51
  • Gog » Galaxy » Version: 1.2.54
    cpe:2.3:a:gog:galaxy:1.2.54
  • Gog » Galaxy » Version: 1.2.60
    cpe:2.3:a:gog:galaxy:1.2.60
  • Gog » Galaxy » Version: 1.2.64
    cpe:2.3:a:gog:galaxy:1.2.64


Products
Pricing
Contact Us

Shodan ® - All rights reserved