GOG Galaxy Game Launcher Vulnerable to Privilege Escalation Attacks

  • GOG Galaxy contains six severe vulnerabilities that permit privilege escalation and arbitrary code execution.
  • Most of the vulnerabilities concern the macOS version of the game launcher, but Windows users aren’t entirely safe either.
  • GOG Galaxy accounts for around 10% to 20% of digital game sales, so attackers have a lot of potential unpatched targets.

Cisco Talos researchers analyzed version 1.2.48.36 of the GOG Galaxy video game launcher and found that it, and most probably all of the recent versions that came before it, is vulnerable to various types of malicious attacks that result in remote privilege escalation and arbitrary code execution. Because the Cisco Talos team worked closely with the GOG (Good Old Games) team, the vulnerabilities were disclosed only after an update that patches all of the problems had been released, so if you haven’t updated your client yet, you should visit GOG.com and download the latest version now.

According to the detailed Cisco report, there are six fundamental security flaws in the game launcher. Four of them arise from improper file and folder permissions that give a malicious person the opportunity to launch a privilege escalation attack. From there, the attacker can modify the root file system (on macOS), unlock global read and write rights, perform code execution with “system” privileges (on Windows), and gain administrative access for full control of the compromised machine.
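The permission class of flaw described above can be checked for on the macOS (POSIX) side by walking an install tree and reporting anything a non-owner can modify or replace. The following is an added example, not code from the Talos report or from GOG; the sample file and folder names are hypothetical and do not reflect GOG Galaxy's actual layout.

```python
import os
import stat

def writable_by_others(path):
    """Return 'world' or 'group' if non-owners can write to path, else None."""
    st = os.lstat(path)
    if stat.S_ISLNK(st.st_mode):  # mode bits of a symlink are not meaningful
        return None
    if st.st_mode & stat.S_IWOTH:
        return "world"
    if st.st_mode & stat.S_IWGRP:
        return "group"
    return None

def audit_tree(root):
    """Return sorted (relative path, finding) pairs for entries under root."""
    findings = []
    for dirpath, _dirs, files in os.walk(root):
        dir_scope = writable_by_others(dirpath)
        sticky = bool(os.lstat(dirpath).st_mode & stat.S_ISVTX)
        if dir_scope:
            findings.append((os.path.relpath(dirpath, root),
                             f"{dir_scope}-writable directory"))
        for name in files:
            path = os.path.join(dirpath, name)
            rel = os.path.relpath(path, root)
            scope = writable_by_others(path)
            if scope:
                findings.append((rel, f"{scope}-writable file"))
            elif dir_scope and not sticky:
                # Write access to a directory allows renaming or replacing
                # its entries, whatever the file's own mode says.
                findings.append((rel, f"replaceable via {dir_scope}-writable parent"))
    return sorted(findings)

def build_sample(root):
    """Constructed sample tree; all names are hypothetical."""
    helper_dir = os.path.join(root, "Helpers")
    os.mkdir(helper_dir)
    os.chmod(helper_dir, 0o777)            # anyone can add or swap files here
    helper = os.path.join(helper_dir, "updater")
    open(helper, "w").close()
    os.chmod(helper, 0o755)                # looks safe when viewed in isolation
    cfg = os.path.join(root, "settings.json")
    open(cfg, "w").close()
    os.chmod(cfg, 0o666)                   # directly world-writable

if __name__ == "__main__":
    import sys
    for rel, finding in audit_tree(sys.argv[1]):
        print(f"{finding:45} {rel}")
```

The `updater` entry is the case to watch for: its own mode is 0755, but it is still reported because the directory holding it is world-writable.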

Another vulnerability is an information leak that allows an attacker to retrieve sensitive information by passing PIDs through the ‘fillProcessInformationForPids’ module. Finally, there’s a denial-of-service vulnerability that enables someone to cause the GOG launcher to stop working on macOS. This is done by sending malicious data to the root-listening service; because nothing that is sent is checked or validated, code execution through it is possible. The Talos researchers managed to cause a DoS, but more scenarios could potentially materialize with further experimentation.

The GOG Galaxy games launcher is used by many thousands of players around the globe, and while there are no definite numbers that establish its exact position in the market, it is estimated to account for about 10-20% of the total digital sales of game titles, second only to Steam. The company went through a rough period in February, when insider sources stated that the platform was dangerously close to being in the red and that its profitability was at serious risk. Maybe the recent financial problems took their toll on GOG Galaxy's software security testing and assurance processes, as the vulnerabilities that were fixed with the recent update allowed the potential for full system takeover. That said, if GOG Galaxy is your cup of tea, you should update immediately.

Have you ever had a “weird” experience with GOG Galaxy in the recent past? Share it with us in the comments section below, and help us spread the word and keep others protected by sharing this post through our socials, on Facebook and Twitter.
