6 Dangerous Vulnerabilities Fixed In GOG Game Client

Daniel ZimmermannMarch 31, 2019

0 92 2 minutes read

Cisco Talos experts have discovered a set of serious vulnerabilities in the GOG gaming client. The gaps, which are already closed in the current version of the program, allowed the hacker to increase privileges in the system and get access to the closed data.

According to experts, the latest update of GOG Galaxy has included patches for six vulnerabilities. Among them are two critical gaps, two serious and two moderate degrees of danger.

The most dangerous holes are connected with the elevation of hacker privileges through file manipulations in GOG Galaxy folders. Vulnerabilities CVE-2018-4048 and CVE-2018-4049 received 9.3 points on the CVSS 3.0 scale.

The problems are related to the Temp and Games service directories. By default, the program runs files stored in them with permissions of the SYSTEM level. If the offender replaces or edits this content, he will open up a lot of threatening opportunities, including executing third-party code and gaining access to other accounts on this computer.

Experts note that you can protect yourself from an exploit yourself. To do this, you need to change the security level of the Temp and Games folders from “Full access” to “Read and execute”. The user should also make sure that all files in these directories get the same rights. This will not prevent GOG Galaxy from running the necessary software, but will block access to key system processes.

The GOG.com platform is a digital store for computer games and movies. Launched in 2017, the GOG Galaxy client offers users a convenient interface for buying games and chatting with friends. The program works on computers running Windows and macOS.

The remaining gaps were found in the GOG client for macOS, namely, in its helper utility. So, CVE-2018-4050 and CVE-2018-4051 (both got 7.1 points) allow an attacker to adjust the security level of folders on the target machine and create new directories. As a result, a hacker can enhance his own access rights, manipulate critical files, and even make changes to the root file system.

Vulnerability CVE-2018-4052 (6.2 points) threatens to leak important data. The researchers found a bug in the function that allows you to control current processes. Security requirements state that it should have access only to services with privileges not higher than its own. In practice, through this option, you could get information about root services.

The last of the CVE-2018-4053 gaps creates the possibility of DoS-attacks by sending specific requests of the same internal GOG Galaxy assistant utility. As the experts explained, each operation of this component is completed with a close command. However, the developers did not provide for checking incoming data, so an attacker can execute third-party code on the system or cause a denial of service error.

Experts urge users not to hesitate with the update. Although the vulnerabilities of the macOS version of the client are less dangerous, each of them can lead to extremely unpleasant consequences.

Previously, experts discovered an attack on the Asian gaming industry, as a result of which tens of thousands of users received a backdoor on their computers. For the attack, the attackers hacked the distribution platform and compromised the files of the two programs.

Source: https://blog.talosintelligence.com/2019/03/vulnerability-spotlight-multiple.html

Sending