VYPR

Oculus Desktop

by Facebook

CVEs (2)

  • CVE-2021-24038Aug 18, 2021
    risk 0.00cvss epss 0.00

    Due to a bug with management of handles in OVRServiceLauncher.exe, an attacker could expose a privileged process handle to an unprivileged process, leading to local privilege escalation. This issue affects Oculus Desktop versions after 1.39 and prior to 31.1.0.67.507.

  • CVE-2020-1885Apr 8, 2020
    risk 0.00cvss epss 0.00

    Writing to an unprivileged file from a privileged OVRRedir.exe process in Oculus Desktop before 1.44.0.32849 on Windows allows local users to write to arbitrary files and consequently gain privileges via vectors involving a hard link to a log file.