CVE-2019-14743

Published August 7th, 2019

View on NVD ↗

CVSS v3

N/A

CVSS v2

7.2

HIGH

Affected

PROJECT

Description

In Valve Steam Client for Windows through 2019-08-07, HKLM\SOFTWARE\Wow6432Node\Valve\Steam has explicit "Full control" for the Users group, which allows local users to gain NT AUTHORITY\SYSTEM access.

alexanderbittner/steam-privesc

A privilege escalation exploit in the Steam Client

GitHub