CVE-2021-26807 – GOG GALAXY v2.0.35 DLL Load Order Hijacking

Authors: Brian Papile and Jeff Stokes Executive summary The GOG Galaxy version 2.0.35 was vulnerable to a DLL Load Order Hijacking vulnerability. The vendor has patched the vulnerability and released version 2.0.37, as of March 30, 2021. Discovery This vulnerability came about when we tried to uninstall the Folding at Home Client, but its folder …

Exit mobile version