Medium severity6.5NVD Advisory· Published Apr 30, 2024· Updated Apr 15, 2026

CVE-2023-50915

Description

An issue exists in GalaxyClientService.exe in GOG Galaxy (Beta) 2.0.67.2 through 2.0.71.2 that could allow authenticated users to overwrite and corrupt critical system files via a combination of an NTFS Junction and an RPC Object Manager symbolic link and could result in a denial of service.

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

github.com/anvilsecure/gog-galaxy-app-research/blob/main/advisories/CVE-2023-50915%20-%20DoS.mdnvd
support.gog.com/hc/en-us/categories/201553005-Downloads-Installingnvd

News mentions

No linked articles in our index yet.

cvss	0.423
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000