CVE-2023-31462

EUVD-2023-35768
An issue was discovered in SteelSeries GG 36.0.0. An attacker can change values in an unencrypted database that is writable for all users on the computer, in order to trigger code execution with higher privileges.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
8.8 HIGH
NETWORK
LOW
LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: 83%
Affected Products (NVD)
VendorProductVersion
steelseriesgg
36.0.0
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
https://steelseries.com/gg
https://www.akamai.com/blog/security-research/exploit-steelseries-subapp-privilege-escalation
https://steelseries.com/gg
https://www.akamai.com/blog/security-research/exploit-steelseries-subapp-privilege-escalation