Uplay Pc
Monthly
Ubisoft Uplay PC before 4.6.1.3217 use weak permissions (Everyone: Full Control) for the program installation directory (%PROGRAMFILES%\Ubisoft Game Launcher), which allows local users to gain. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.
The web browser plugin for Ubisoft Uplay PC before 2.0.4 allows remote attackers to execute arbitrary programs via the -orbit_exe_path command line argument. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 80.2%.
Ubisoft Uplay PC before 4.6.1.3217 use weak permissions (Everyone: Full Control) for the program installation directory (%PROGRAMFILES%\Ubisoft Game Launcher), which allows local users to gain. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.
The web browser plugin for Ubisoft Uplay PC before 2.0.4 allows remote attackers to execute arbitrary programs via the -orbit_exe_path command line argument. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and EPSS exploitation probability 80.2%.