Privilege Escalation Vulnerability in Valve Steam Client for Windows

Privilege Escalation Vulnerability in Valve Steam Client for Windows

CVE-2019-15315 · HIGH Severity

AV:L/AC:L/AU:N/C:C/I:C/A:C

Valve Steam Client for Windows through 2019-08-16 allows privilege escalation (to NT AUTHORITY\SYSTEM) because local users can replace the current versions of SteamService.exe and SteamService.dll with older versions that lack the CVE-2019-14743 patch.

Learn more about our User Device Pen Test.