Cybersecurity specialists reported the finding of a critical vulnerability in Rockstar Games Launcher, a Windows system app that allows users to access their Rockstar Games for PC games faster, as well as other features that are very useful for any PC gamer.
According to the report, successful exploitation of this flaw would allow threat actors to carry out privilege escalation attacks on affected systems.
Below is a brief description of the reported flaw, in addition to its score assigned according to the Common Vulnerability Scoring System (CVSS). It should be noted that this flaw has not yet received a CVE tracking key.
According to the report, this flaw exists because Rockstar Games Launcher does not set the necessary security measures for RockstarService.exe, so threat actors could modify the executable on this service using any binary.
The flaw received a CVSS score of 8.1/10 and, as mentioned above, its successful exploitation would allow malicious hackers to perform privilege escalations with relative ease.
It should be noted that the vulnerability resides in version 126.96.36.1999 of Rockstar Games Launcher.
While this flaw can be exploited remotely by unauthenticated threat actors, cybersecurity experts mention that no attempts to actively exploit or malware associated with the attack have been detected so far. However, Rockstar Games has not released an updated version of this app, so users are advised to disable Rockstar Games Launcher until the updated version is available.
To learn more about computer security risks, malware, vulnerabilities and information technologies, feel free to access the International Cyber Security Institute (IICS) website.