CNNVD-202511-374 Information
Nov 05, 2025
cve
CNNVD ID
CNNVD-202511-374
Related CVE
- CNNVD Published: 2025-11-05
Description (Chinese)
GOG Galaxy是波兰GOG公司的一款游戏客户端程序。该程序用于安装、启动和更新游戏。 GOG Galaxy 2.0.0.2版本存在安全漏洞,该漏洞源于缺少SSL证书验证,可能导致中间人攻击,从而拦截更新请求并替换安装包或更新包为恶意文件。
Description (English)
GOG Galaxy is a game client of the Polish company GoG. This program is used to install, start and update games. There is a security loophole in GOG Galaxy version 2.0.2.2, which stems from the lack of SSL certification, which could lead to an attack by an intermediary, thereby intercepting requests for updates and replacing installed or updated packages as malicious documents.
Hazard Level
High
Vulnerability Type
其他
Affected Vendor
GOG
Published
2025-11-05
Last Modified
2026-02-24
References
https://www.notion.so/CVE-2025-56232-2a04e9f2a40d80dab203e39b5c9462f6 https://youtu.be/WchHCmqGaFQ
Share on: