Blizzard Battle.net Privilege Escalation Vulnerability

Vulnerability

A privilege escalation vulnerability has been identified in Blizzard Battle.net version 2.40.0.15267. This issue arises from insecure file permissions that allow low-privileged local attackers to place a crafted shell script or executable in the C:\ProgramData directory. The attacker can then wait for a high-privileged user to execute it, leading to unauthorized privilege escalation.

Impact

Exploitation of this vulnerability allows for unauthorized privilege escalation, enabling a low-privileged user to gain higher-level permissions.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

6.6

impact

7.5

exploitability

4.4

remediation

0.0

relevance

0.0

threat

6.4

urgency

2.9

incentive

0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

6.6

impact

7.5

exploitability

4.4

remediation

0.0

relevance

0.0

threat

6.4

urgency

2.9

incentive

0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Blizzard Battle.net Privilege Escalation Vulnerability

Vulnerability

Impact

Affected Products

Blizzard Battle.net

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating