PT-2020-15141 · Oculus · Oculus Desktop

Published

2020-04-08

Updated

2021-07-21

CVE-2020-1885

CVSS v3.1

7.8

High

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Oculus Desktop versions prior to 1.44.0.32849

Description The issue allows local users to write to arbitrary files and gain privileges through vectors involving a hard link to a log file, by exploiting the ability of the OVRRedir.exe process to write to an unprivileged file.

Recommendations For versions prior to 1.44.0.32849, update to version 1.44.0.32849 or later to resolve the issue.

Fix

Link Following

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-59

Related Identifiers

CVE-2020-1885

Affected Products

Oculus Desktop

PT-2020-15141 · Oculus · Oculus Desktop

CVE-2020-1885

Weakness Enumeration

Related Identifiers

Affected Products

References · 3