Valvesoftware: >> Steamos Security Vulnerabilities
Valve Steam 3.42.16.13 uses weak permissions for the files in the Steam program directory, which allows local users to modify the files and possibly gain privileges as demonstrated by a Trojan horse Steam.exe file.
CVSS Score
4.8
EPSS Score
0.002
Published
2017-01-23
Valve Bug Reporter in the valve-bugreporter package 2.10+bsos1 in Valve SteamOS Beta stores cleartext credentials in a .valve-bugreporter.cfg file upon a Remember Credentials action, which allows local users to obtain sensitive information by reading this file.
CVSS Score
2.1
EPSS Score
0.001
Published
2013-12-17