VYPR

GalaxyClientService.exe

by Gog.com

CVEs (1)

  • CVE-2020-24574HigAug 21, 2020
    risk 0.51cvss 7.8epss 0.01

    The client (aka GalaxyClientService.exe) in GOG GALAXY through 2.0.41 (as of 12:58 AM Eastern, 9/26/21) allows local privilege escalation from any authenticated user to SYSTEM by instructing the Windows service to execute arbitrary commands. This occurs because the attacker can…