CVE-2023-31462

High

8.8/10

Summary

An issue was discovered in SteelSeries GG 36.0.0. An attacker can change values in an unencrypted database that is writable for all users on the computer, in order to trigger code execution with higher privileges.

Attack Complexity: LOW
Attack Vector: NETWORK
Integrity Impact: HIGH
Scope: UNCHANGED
User Interaction: NONE
Privileges Required: LOW
Confidentiality Impact: HIGH
Availability Impact: HIGH

References

Advisory Timeline

Published Jul 20, 2023

CVE-2023-31462

Summary

References

Advisory Timeline

ChainJacking

JetBrains IDE

KICS SaaS