Vulnerability Details CVE-2024-7834
A local privilege escalation is caused by Overwolf
loading and executing certain dynamic link library files from a user-writeable
folder in SYSTEM context on launch. This allows an attacker with unprivileged
access to the system to run arbitrary code with SYSTEM privileges by placing a
malicious .dll file in the respective location.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 5.7%
CVSS Severity
CVSS v3 Score 7.8
References
Products affected by CVE-2024-7834
-
cpe:2.3:a:overwolf:overwolf:-
-
cpe:2.3:a:overwolf:overwolf:0.131
-
cpe:2.3:a:overwolf:overwolf:0.132
-
cpe:2.3:a:overwolf:overwolf:0.133
-
cpe:2.3:a:overwolf:overwolf:0.134
-
cpe:2.3:a:overwolf:overwolf:0.135
-
cpe:2.3:a:overwolf:overwolf:0.136
-
cpe:2.3:a:overwolf:overwolf:0.137
-
cpe:2.3:a:overwolf:overwolf:0.138
-
cpe:2.3:a:overwolf:overwolf:0.139
-
cpe:2.3:a:overwolf:overwolf:0.140
-
cpe:2.3:a:overwolf:overwolf:0.141
-
cpe:2.3:a:overwolf:overwolf:0.142
-
cpe:2.3:a:overwolf:overwolf:0.143
-
cpe:2.3:a:overwolf:overwolf:0.145
-
cpe:2.3:a:overwolf:overwolf:0.147
-
cpe:2.3:a:overwolf:overwolf:0.148
-
cpe:2.3:a:overwolf:overwolf:0.149
-
cpe:2.3:a:overwolf:overwolf:0.149.2.30
-
cpe:2.3:a:overwolf:overwolf:0.153
-
cpe:2.3:a:overwolf:overwolf:0.155
-
cpe:2.3:a:overwolf:overwolf:0.156
-
cpe:2.3:a:overwolf:overwolf:0.157
-
cpe:2.3:a:overwolf:overwolf:0.158
-
cpe:2.3:a:overwolf:overwolf:0.159
-
cpe:2.3:a:overwolf:overwolf:0.162
-
cpe:2.3:a:overwolf:overwolf:0.165
-
cpe:2.3:a:overwolf:overwolf:0.166
-
cpe:2.3:a:overwolf:overwolf:0.168
-
cpe:2.3:a:overwolf:overwolf:0.169
-
cpe:2.3:a:overwolf:overwolf:0.169.0.22
-
cpe:2.3:a:overwolf:overwolf:0.170
-
cpe:2.3:a:overwolf:overwolf:0.173