CVE-2019-15316 Information

Description

Valve Steam Client for Windows through 2019-08-20 has weak folder permissions leading to privilege escalation (to NT AUTHORITY\SYSTEM) via crafted use of CreateMountPoint.exe and SetOpLock.exe to leverage a TOCTOU race condition.

CVSS Vector

CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H

Reference

https://amonitoring.ru/article/onemore_steam_eop_0day/ https://habr.com/ru/company/pm/blog/464367/ https://www.youtube.com/watch?v=I93aH86BUaE https://www.youtube.com/watch?v=ZCHrjP0cMew

Attack Complexity

HIGH

Privileges Required

LOW

User Interaction Required

LOW

Scope

NONE

Confidentiality Impact

UNCHANGED

Integrity Impact

HIGH

Availability Impact

HIGH

Base Score

HIGH

Base Severity

7.0