Elevation of Privileges Vulnerability in Guild Wars 2 Launcher (Version 106916)

Elevation of Privileges Vulnerability in Guild Wars 2 Launcher (Version 106916)

CVE-2020-27384 · HIGH Severity

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

The Gw2-64.exe in Guild Wars 2 launcher version 106916 suffers from an elevation of privileges vulnerability which can be used by an "Authenticated User" to modify the existing executable file with a binary of his choice. The vulnerability exist due to the improper permissions, with the 'F' flag (Full Control) for 'Everyone' group, making the entire directory 'Guild Wars 2' and its files and sub-dirs world-writable.

Learn more about our User Device Pen Test.