High severity7.8NVD Advisory· Published Aug 17, 2022· Updated Jun 17, 2026
CVE-2022-31262
CVE-2022-31262
Description
An exploitable local privilege escalation vulnerability exists in GOG Galaxy 2.0.46. Due to insufficient folder permissions, an attacker can hijack the %ProgramData%\GOG.com folder structure and change the GalaxyCommunication service executable to a malicious file, resulting in code execution as SYSTEM.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2(expand)+ 1 more
- (no CPE)
- (no CPE)range: = 2.0.46
Patches
Vulnerability mechanics
References
3- secure77.de/category/subjects/researches/nvdExploitThird Party Advisory
- secure77.de/gog-galaxy-cve-2022-31262/nvdExploitThird Party Advisory
- www.youtube.com/watchnvdExploitThird Party Advisory
News mentions
0No linked articles in our index yet.