alexanderbittner/steam-privesc

Releases0

Stars13

A privilege escalation exploit in the Steam Client

CVE History

CVE	Published	CVSS v3	CVSS v2
CVE-2019-14743 ↗	Aug 7, 2019Wednesday, 7 August 2019, 15:15	—	7.2 HIGH
In Valve Steam Client for Windows through 2019-08-07, HKLM\SOFTWARE\Wow6432Node\Valve\Steam has explicit "Full control" for the Users group, which allows local users to gain NT AUTHORITY\SYSTEM access.