CVE-2019-15315

Valve Steam Client for Windows through 2019-08-16 allows privilege escalation (to NT AUTHORITY\SYSTEM) because local users can replace the current versions of SteamService.exe and SteamService.dll with older versions that lack the CVE-2019-14743 patch.

Published : 2019-08-21 20:15 Updated : 2019-08-30 12:57

7.2
CVSS Score More info
Score 7.2 / 10
7.2
Vendor Product Version URI
Valvesoftware Steam Client 2019-08-16 cpe:/a:valvesoftware:steam_client:2019-08-16
  1. Valvesoftware (1) Search CVE
    1. Steam Client (1) Search CVE
      1. 2019-08-16

CWE

ID Name Description Links
CWE-264 Permissions, Privileges, and Access Controls Weaknesses in this category are related to the management of permissions, privileges, and other security features that are used to perform access control. CVE

History of changes

Date Event
2019-08-30 12:57
2019-08-21 20:19

New CVE