Privilege Escalation Vulnerability in Valve Steam Client for Windows

CVE-2019-14743 · HIGH Severity

AV:L/AC:L/AU:N/C:C/I:C/A:C

In Valve Steam Client for Windows through 2019-08-07, HKLM\SOFTWARE\Wow6432Node\Valve\Steam has explicit "Full control" for the Users group, which allows local users to gain NT AUTHORITY\SYSTEM access.

Learn more about our User Device Pen Test.