Vulnerability Details CVE-2020-27383
Battle.net.exe in Battle.Net 1.27.1.12428 suffers from an elevation of privileges vulnerability which can be used by an "Authenticated User" to modify the existing executable file with a binary of his choice. The vulnerability exist due to weak set of permissions being granted to the "Authenticated Users Group" which grants the (F) Flag aka "Full Control"
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 13.3%
CVSS Severity
CVSS v3 Score 7.8
CVSS v2 Score 4.6
References
Products affected by CVE-2020-27383
-
cpe:2.3:a:blizzard:battle.net:1.27.1.12428