GOG Galaxy Game Launcher Vulnerable to Privilege Escalation Attacks
- GOG Galaxy contains six severe vulnerabilities that permit privilege escalation and arbitrary code execution.
- Most of the vulnerabilities concern the macOS version of the game launcher, but Windows users aren’t entirely safe either.
- GOG Galaxy accounts for around 10% to 20% of digital game sales, so attackers have a lot of potential unpatched targets.
Cisco Talos researchers have analyzed GOG Galaxy video game launcher version 1.2.48.36, and found that this version number, and most probably all of the recent ones that came before it are vulnerable to various types of malicious attacks that result in remote privilege escalation and arbitrary code execution. As the Cisco Talos team worked closely with the GOG (Good Old Games) team, the revelation of the vulnerabilities comes only after an update that patches all problems has been released, so if you haven’t updated your client yet, you should visit GOG.com and download the latest version now.
According to the detailed Cisco report, there are six fundamental security flaws in the game launcher. Four of them arise from wrongful file and folder permissions that allow a malicious person the potential to launch a privilege escalation attack. After that, there’s no stopping, as there’s the capacity to modify the root file system (on macOS), unlock global read and write rights, perform code execution with “system” privileges (on Windows), and gain administrative access for full control of the compromised machine.
Another vulnerability concerns an information leak problem, allowing an attacker to retrieve sensitive information by passing PIDs through the ‘fillProcessInformationForPids’ module. Finally, there’s a denial-of-service vulnerability that enables someone to cause the GOG launcher to stop working on macOS. This is done by sending malicious data to the root-listening service, as there’s no checking/validation in what is sent, so code execution through it is possible. The Talos researchers have managed to cause a DoS, but more scenarios could potentially materialize if further experimentation took place.
The GOG Galaxy games launcher is used by many thousands of players around the globe, and while there are no definite numbers that designate its exact position in the market, it is estimated to account for about 10-20% of the total digital sales of game titles, second only to Steam. The company went through a rough period in February, when insider sources stated that the platform is dangerously close to being in the red, and that profitability is under serious risk. Maybe the recent financial problems took their toll on the GOG Galaxy software security testing and assurance processes, as the vulnerabilities that were fixed with the recent update allowed the potential for full system takeover. That said, if GOG Galaxy is your cup of tea, you should update immediately.
Have you ever had a “weird” experience with GOG Galaxy in the recent past? Share it with us in the comments section below, and help us spread the word and keep others protected by sharing this post through our socials, on Facebook and Twitter.