CVE-2023-30382

EUVD-2023-34802
A buffer overflow in the component hl.exe of Valve Half-Life up to 5433873 allows attackers to execute arbitrary code and escalate privileges by supplying crafted parameters.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
7.3 HIGH
LOCAL
LOW
LOW
CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
CISA-ADPADP
7.3 HIGH
LOCAL
LOW
LOW
CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: 14%
Affected Products (NVD)
VendorProductVersion
valvesoftwarehalf-life
-
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://labs.jumpsec.com/advisory-cve-2023-30382-half-life-local-privilege-escalation/
https://labs.jumpsec.com/advisory-cve-2023-30382-half-life-local-privilege-escalation/