Privilege Escalation via Unprivileged File Writing in Oculus Desktop
CVE-2020-1885 · HIGH Severity
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Writing to an unprivileged file from a privileged OVRRedir.exe process in Oculus Desktop before 1.44.0.32849 on Windows allows local users to write to arbitrary files and consequently gain privileges via vectors involving a hard link to a log file.
Learn more about our Cis Benchmark Audit For Desktop Software.