Vulnerabilities > GOG > Galaxy > 1.2.0

DATE CVE VULNERABILITY TITLE RISK
2020-08-06 CVE-2020-7352 Use of Hard-coded Credentials vulnerability in GOG Galaxy
The GalaxyClientService component of GOG Galaxy runs with elevated SYSTEM privileges in a Windows environment.
local
low complexity
gog CWE-798
8.8
8.8
2020-07-14 CVE-2020-11827 Incorrect Permission Assignment for Critical Resource vulnerability in GOG Galaxy
In GOG Galaxy 1.2.67, there is a service that is vulnerable to weak file/service permissions: GalaxyClientService.exe.
local
low complexity
gog CWE-732
7.8
7.8
2019-11-21 CVE-2019-15511 Missing Authentication for Critical Function vulnerability in GOG Galaxy
An exploitable local privilege escalation vulnerability exists in the GalaxyClientService installed by GOG Galaxy.
local
low complexity
gog CWE-306
7.8
7.8