Two vulnerabilities have been confirmed to be detected in Epic Games Launcher, the online library and account management tool for PC gaming. According to the report, the successful exploitation of these flaws would allow the deployment of multiple hacking tactics.
Below are brief descriptions of the reported flaws, in addition to their scores assigned under the Common Vulnerability Scoring System (CVSS). These flaws do not yet receive a CVE identification key.
No CVE key: A bug in link tracking within the Epic Games installer would allow a local user to create a symbolic link to abuse the installer, overwrite a file, and perform a denial of service (DoS) attack on the affected system.
The vulnerability received a CVSS score of 5.1/10 and is considered a low-severity bug.
No CVE key: A link tracking issue within the Epic Games installer would allow local users to create a symbolic link to abuse the installer, delete a file, and deploy DoS attacks.
The flaw received a CVSS score of 5.1/10.
According to the report, the vulnerabilities reside in all versions of Epic Games Launcher for Windows and macOS systems.
These problems can only be exploited locally, which considerably reduces the risk of exploitation. So far no active exploitation attempts have been detected, although cybersecurity specialists recommend disabling Epic Games Launcher since there are no patches available to correct these flaws.
To learn more about information security risks, malware variants, vulnerabilities and information technologies, feel free to access the International Institute of Cyber Security (IICS) websites.
He is a well-known expert in mobile security and malware analysis. He studied Computer Science at NYU and started working as a cyber security analyst in 2003. He is actively working as an anti-malware expert. He also worked for security companies like Kaspersky Lab. His everyday job includes researching about new malware and cyber security incidents. Also he has deep level of knowledge in mobile security and mobile vulnerabilities.