Description

Tencent GameLoop before 4.1.21.90 downloaded updates over an insecure HTTP connection. A malicious attacker in an MITM position could spoof the contents of an XML document describing an update package, replacing a download URL with one pointing to an arbitrary Windows executable. Because the only integrity check would be a comparison of the downloaded file's MD5 checksum to the one contained within the XML document, the downloaded executable would then be executed on the victim's machine.

Related CPE's

a

tencent

gameloop

Vulnerable

References

https://github.com/mmiszczyk/cve-2021-33879

ExploitThird Party Advisory

https://www.gameloop.com

Vendor Advisory

Weaknesses

[email protected]

Primary
CWE-494

CVSS impact metrics

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

8.1 · High

  • CVSS V3.1

  • CVSS V3.0

  • CVSS V2.0

Information

Source identifier

[email protected]

Vulnerability status

Analyzed

Published

2021-06-06T20:15:07.613

4 years ago

Last modified

2021-06-15T18:27:47.267

4 years ago