PT-2025-52839 · Epic Games · Easy Anti-Cheat
Published
2025-12-23
·
Updated
2025-12-23
·
CVE-2021-47739
CVSS v3.1
8.4
High
| Vector | AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Epic Games Easy Anti-Cheat version 4.0
Description
An unquoted service path exists in Epic Games Easy Anti-Cheat 4.0, potentially allowing local non-privileged users to execute arbitrary code with elevated system privileges. An attacker can exploit the service configuration by inserting malicious code into the system root path, which would then execute with LocalSystem privileges during application startup.
Recommendations
Ensure the service path is properly quoted to prevent the execution of unauthorized code.
Exploit
Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Easy Anti-Cheat