Rockstar Games Launcher Privilege Escalation Vulnerability

A privilege escalation vulnerability has been identified in Rockstar Games Launcher version 1.0.37.349. This vulnerability allows authenticated users to modify the service executable, RockstarService.exe, due to weak permissions granted to the 'Authenticated Users' group. Exploiting this vulnerability involves replacing the original executable with a malicious binary that can create a new administrator user, thereby gaining elevated system access.

Impact

Exploitation of this vulnerability allows for unauthorized modification of service executables, leading to the creation of new administrator users and elevated system access.

Reproduction

The vulnerability can be reproduced by an authenticated user with 'Modify' privileges. After logging in, the user can move the original 'RockstarService.exe' to a backup file name, create a malicious binary using tools like 'msfvenom' on Kali Linux, transfer this binary to the Windows host, and replace the original executable. Once the service is restarted, the malicious payload executes, creating a new user with administrative rights.