CVE-2023-31462

An issue was discovered in SteelSeries GG 36.0.0. An attacker can change values in an unencrypted database that is writable for all users on the computer, in order to trigger code execution with higher privileges.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
8.8 HIGH
NETWORK
LOW
LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
mitreCNA
---
---
CVEADP
---
---
CISA-ADPADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 81%
VendorProductVersion
steelseriesgg
36.0.0
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://steelseries.com/gg
https://www.akamai.com/blog/security-research/exploit-steelseries-subapp-privilege-escalation
https://steelseries.com/gg
https://www.akamai.com/blog/security-research/exploit-steelseries-subapp-privilege-escalation