PT-2020-12875 · Gog · Gog Galaxy

Published 2020-07-14 · Updated 2021-07-21 · CVE-2020-11827

CVSS v3.1: 7.8 High
Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions: GOG Galaxy version 1.2.67
Description: The service executable GalaxyClientService.exe is installed with weak file and service permissions. A local, unprivileged user who can overwrite the executable and restart the service obtains code execution with SYSTEM rights, because the Service Control Manager launches whatever binary sits at the service's registered path under the service's account. No user interaction and only low privileges are required, which is what the CVSS vector (AV:L, PR:L, UI:N) reflects.
Recommendations: For GOG Galaxy version 1.2.67, until a patched version is installed, restrict the ACL on GalaxyClientService.exe and its directory so that only administrators and SYSTEM can write, delete or replace the file, and tighten the service's security descriptor so that unprivileged users cannot start, stop or reconfigure the service. As a temporary workaround, monitor the service for suspicious activity, in particular unexpected stop/start events (Service Control Manager event ID 7036 in the System log) and changes to the executable's hash, and ensure that only authorized users can interact with it.
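The following PowerShell script is an added example for the description and recommendations above; it is not GOG's code and not part of the original advisory. It audits a Windows service for the two conditions the weakness needs (a service executable a low-privilege user can replace, and a service descriptor that lets such a user restart it), and with -Harden applies the restrictions the recommendation describes. Assumptions, labelled in the comments: the service is registered under the name GalaxyClientService (the page only names the executable), it runs as LocalSystem, and the hardened service descriptor is the common Windows default rather than anything GOG ships. The weak SDDL string used to exercise the parser is constructed for the example.

```powershell
# Added audit/hardening example (not GOG's code). Assumptions: the service is
# registered as 'GalaxyClientService' (the advisory names only the executable)
# and runs as LocalSystem, so SYSTEM + Administrators are the only writers it needs.
param(
    [string]$ServiceName = 'GalaxyClientService',
    [switch]$Harden   # only change ACLs when asked; needs an elevated shell
)

# Principals that every interactive, non-admin user belongs to.
$LowPrivSids  = @('AU', 'BU', 'WD', 'IU')   # SDDL: Authenticated Users, Users, Everyone, Interactive
$LowPrivNames = @('NT AUTHORITY\Authenticated Users', 'BUILTIN\Users', 'Everyone', 'NT AUTHORITY\INTERACTIVE')

# Service-specific SDDL rights that let a caller reconfigure or restart the service.
$DangerousServiceRights = @{
    DC = 'SERVICE_CHANGE_CONFIG'; RP = 'SERVICE_START'; WP = 'SERVICE_STOP'
    WD = 'WRITE_DAC'; WO = 'WRITE_OWNER'; GA = 'GENERIC_ALL'; GW = 'GENERIC_WRITE'
}

function Test-ServiceSddl {
    # Parse a service security descriptor (as printed by 'sc.exe sdshow') and emit
    # every Allow ACE that grants a dangerous right to a low-privilege principal.
    param([string]$Sddl)
    $dacl = ($Sddl -split 'S:')[0]   # drop the SACL (audit) part if present
    $acePattern = '\((?<type>[A-Z]+);(?<flags>[A-Z]*);(?<rights>[A-Z]*);;;(?<sid>[^)]+)\)'
    foreach ($ace in [regex]::Matches($dacl, $acePattern)) {
        if ($ace.Groups['type'].Value -ne 'A') { continue }   # only Allow ACEs grant access
        $sid = $ace.Groups['sid'].Value
        if ($LowPrivSids -notcontains $sid) { continue }
        # Rights are concatenated two-letter tokens, e.g. CCLCSWRPWPDTLOCRRC
        $tokens = [regex]::Matches($ace.Groups['rights'].Value, '..') | ForEach-Object { $_.Value }
        $hits = @($tokens | Where-Object { $DangerousServiceRights.ContainsKey($_) })
        if ($hits.Count -gt 0) {
            [pscustomobject]@{
                Principal = $sid
                Rights    = ($hits | ForEach-Object { $DangerousServiceRights[$_] }) -join ','
            }
        }
    }
}

function Test-ExecutableAcl {
    # Emit every Allow ACE on a file or directory that lets a low-privilege
    # principal replace, delete or re-permission it.
    param([string]$Path)
    $writeMask = [System.Security.AccessControl.FileSystemRights]'Write, Delete, DeleteSubdirectoriesAndFiles, ChangePermissions, TakeOwnership'
    foreach ($ace in (Get-Acl -LiteralPath $Path).Access) {
        if ($ace.AccessControlType -ne 'Allow') { continue }
        if ($LowPrivNames -notcontains $ace.IdentityReference.Value) { continue }
        if (($ace.FileSystemRights -band $writeMask) -ne 0) {
            [pscustomobject]@{ Principal = $ace.IdentityReference.Value; Rights = $ace.FileSystemRights }
        }
    }
}

function Protect-Service {
    param([string]$Path, [string]$Name)
    # File: drop inherited ACEs, grant full control to SYSTEM and Administrators only,
    # read+execute to Users (SIDs used so the call does not depend on localized names).
    & icacls.exe $Path /inheritance:r /grant:r '*S-1-5-18:(F)' '*S-1-5-32-544:(F)' '*S-1-5-32-545:(RX)'
    # Service: the common Windows default descriptor (assumption, not GOG's own):
    # start/stop for SYSTEM and Administrators, query-only for Interactive (IU) and Service (SU) logons.
    $defaultSddl = 'D:(A;;CCLCSWRPWPDTLOCRRC;;;SY)(A;;CCDCLCSWRPWPDTLOCRSDRCWDWO;;;BA)(A;;CCLCSWLOCRRC;;;IU)(A;;CCLCSWLOCRRC;;;SU)'
    & sc.exe sdset $Name $defaultSddl
}

# Constructed weak descriptor (not GOG's real one) so the parser can be exercised
# offline: Authenticated Users (AU) receive RP/WP, i.e. start and stop.
$constructedWeakSddl = 'D:(A;;CCLCSWRPWPDTLOCRRC;;;SY)(A;;CCDCLCSWRPWPDTLOCRSDRCWDWO;;;BA)(A;;CCLCSWRPWPLOCRRC;;;AU)'
Write-Host '== constructed example descriptor =='
Test-ServiceSddl $constructedWeakSddl | Format-Table -AutoSize

$svc = Get-CimInstance -ClassName Win32_Service -Filter "Name='$ServiceName'"
if (-not $svc) { Write-Warning "service '$ServiceName' not found"; return }

# PathName may be quoted and carry arguments; keep only the executable.
$exe = if ($svc.PathName -match '^\s*"(?<p>[^"]+)"') { $Matches.p } else { ($svc.PathName -split '\s+')[0] }
Write-Host "== $ServiceName -> $exe =="
Test-ExecutableAcl $exe | Format-Table -AutoSize                         # can Users overwrite the binary?
Test-ExecutableAcl (Split-Path -Parent $exe) | Format-Table -AutoSize    # or rename/replace it via the directory?
$sddl = (& sc.exe sdshow $ServiceName | Where-Object { $_ -match '^\s*D:' }) -join ''
Test-ServiceSddl $sddl | Format-Table -AutoSize                           # can Users restart the service?

if ($Harden) { Protect-Service -Path $exe -Name $ServiceName }
```

The audit part (Get-Acl, sc.exe sdshow) runs as a normal user; only -Harden needs an elevated shell, since sc.exe sdset and icacls on a Program Files binary require administrative rights. The constructed descriptor is reported by Test-ServiceSddl as an AU entry carrying SERVICE_START and SERVICE_STOP, which is exactly the "restart as an unprivileged user" half of the issue; the file and directory checks cover the "replace the executable" half. Either finding on its own is worth fixing, but only the combination gives SYSTEM code execution without a reboot.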

Fix

Incorrect Permission


Weakness Enumeration

Related Identifiers

CVE-2020-11827

Affected Products

Gog Galaxy