CVE-2022-27095

HIGH

BattlEye v0.9 - Privilege Escalation

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2022-27095. PoCs published by Saud Alenazi.

AI-analyzed exploit summary This is a writeup describing an unquoted service path vulnerability in BattlEye 0.9. The vulnerability could allow local privilege escalation if an attacker can place executable code in the system root path.

Description

BattlEye v0.9 contains an unquoted service path which allows attackers to escalate privileges to the system level.

Exploits (1)

exploitdb WRITEUP

by Saud Alenazi · textlocalwindows

https://www.exploit-db.com/exploits/50815

View Code ZIP pw:eip

This is a writeup describing an unquoted service path vulnerability in BattlEye 0.9. The vulnerability could allow local privilege escalation if an attacker can place executable code in the system root path.

Classification

Writeup 90%

Attack Type

Lpe

Complexity

Moderate

Reliability

Theoretical

Target: BattlEye 0.9

Auth required

Prerequisites: Local access to the system · Ability to write to the system root path

MITRE ATT&CK

T1574.009 - Path Interception by Unquoted Path

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (1)

Core 1

Core References

Exploit, Third Party Advisory, VDB Entry x_refsource_misc

https://www.exploit-db.com/exploits/50815

Scores

CVSS v3 7.8

EPSS 0.0042

EPSS Percentile 33.0%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Details

CWE

CWE-428

Status published

Products (1)

battleye/battleye 0.9

Published May 20, 2022

Tracked Since Feb 18, 2026