Local Privilege Escalation Vulnerability in Oculus Desktop Versions 1.39 to 31.1.0.67.507

Local Privilege Escalation Vulnerability in Oculus Desktop Versions 1.39 to 31.1.0.67.507

CVE-2021-24038 · HIGH Severity

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Due to a bug with management of handles in OVRServiceLauncher.exe, an attacker could expose a privileged process handle to an unprivileged process, leading to local privilege escalation. This issue affects Oculus Desktop versions after 1.39 and prior to 31.1.0.67.507.

Learn more about our Cis Benchmark Audit For Desktop Software.