Weak File Permissions in Valve Steam 3.42.16.13 Allows Unauthorized Modification and Privilege Escalation

Weak File Permissions in Valve Steam 3.42.16.13 Allows Unauthorized Modification and Privilege Escalation

CVE-2016-5237 · LOW Severity

AV:L/AC:M/AU:N/C:N/I:P/A:N

Valve Steam 3.42.16.13 uses weak permissions for the files in the Steam program directory, which allows local users to modify the files and possibly gain privileges as demonstrated by a Trojan horse Steam.exe file.

Learn more about our User Device Pen Test.