Valve developers have fixed critical bugs in the Steam game client. In total, four vulnerabilities were counted, and their exploitation led to hacking of the computer and disabling the game client itself.
A potential attacker, finding these flaws, could remotely cause the victim to crash Steam. Moreover, the bugs also allowed gaining control over all computers connected to a third-party game server.
Today Steam has more than 25 million users and offers such major gaming projects as Counter Strike: Global Offensive, Dota2 and Half Life.
The vulnerabilities reported this week affected the Steam networking library known as Steam Sockets. In essence, this library is part of a toolkit designed for third-party video game developers.
If the vulnerabilities were successfully exploited, a cybercriminal could gain control over hundreds of thousands of user devices. The victims themselves would not even realize that they were being attacked.
Cybersecurity researchers told Valve about the issue back in September. Now that the appropriate patch is ready, users need to install the client update.
The vulnerabilities were identified by the following identifiers: CVE-2020-6016, CVE-2020-6017, CVE-2020-6018, and CVE-2020-6019. They are all in versions of the Steam Sockets library prior to v1.2.0.
The first three holes were assigned 9.8 points out of 10 on the CVSS scale (that is, the status of critical), and the fourth – 7.5 points (high degree of danger). All gaps exist due to incorrect processing of individual fragments of the SNP_ReceiveUnreliableSegment (), AES_GCM_DecryptContext :: Decrypt () and CConnectionTransportUDPBase :: Received_Data () functions.
To exploit bugs in an attack, an attacker must connect to the target game server. Next, the attacker needs to send malicious packets to other players, interaction with which is not required to implement the method.