CVE-2018-4049

Name of the Vulnerable Software and Affected Versions GOG Galaxy version 1.2.48.36

Description A local privilege elevation issue exists in the file system permissions of the "Games" directory. This allows an attacker to overwrite executables of installed games, potentially leading to the execution of arbitrary code with elevated privileges.

Recommendations For version 1.2.48.36, consider restricting access to the "Games" directory to prevent unauthorized modifications until a patch is available. As a temporary workaround, monitor the directory for any suspicious changes to executables of installed games.