CVE-2019-15511

HIGH

GOG Galaxy < 1.2.60 - Unauthenticated Local Privilege Escalation via TCP Packet Injection

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2019-15511. PoCs published by adenkiewicz.

AI-analyzed exploit summary This repository contains a functional exploit for CVE-2019-15511, a local privilege escalation vulnerability in GOG Galaxy's GalaxyClientService. The exploit leverages unauthenticated access to sensitive methods like FixDirectoryPrivilegesRequest and CreateDirectoryRequest to manipulate file permissions or create directories.

Description

An exploitable local privilege escalation vulnerability exists in the GalaxyClientService installed by GOG Galaxy. Due to Improper Access Control, an attacker can send unauthenticated local TCP packets to the service to gain SYSTEM privileges in Windows system where GOG Galaxy software is installed. All GOG Galaxy versions before 1.2.60 and all corresponding versions of GOG Galaxy 2.0 Beta are affected.

Exploits (1)

nomisec WORKING POC 2 stars
by adenkiewicz · poc
https://github.com/adenkiewicz/CVE-2019-15511

This repository contains a functional exploit for CVE-2019-15511, a local privilege escalation vulnerability in GOG Galaxy's GalaxyClientService. The exploit leverages unauthenticated access to sensitive methods like FixDirectoryPrivilegesRequest and CreateDirectoryRequest to manipulate file permissions or create directories.

Classification
Working Poc 95%
Attack Type
Lpe
Complexity
Moderate
Reliability
Reliable
Target: GOG Galaxy (GalaxyClientService)
No auth needed
Prerequisites: Local access to the target system · GOG Galaxy installed and running
devstral-2 · analyzed Feb 18, 2026 Full analysis →

References (2)

Core 2

Scores

CVSS v3 7.8
EPSS 0.0075
EPSS Percentile 50.2%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Details

CWE
CWE-306
Status published
Products (1)
gog/galaxy < 1.2.60
Published Nov 21, 2019
Tracked Since Feb 18, 2026