SonicALERT
Search

Sonicwall Signatures

 

Go to All Categories list.


  AMD Gaming Plays.tv Remote Code Execution 1

Category: WEB-ATTACKS      

The “plays_service.exe” Windows service allows for the unauthenticated execution of a user provided path at SYSTEM privilege. An HTTP message with the “execute_installer” parameter does not securely authenticate the user before executing the provided path. The vulnerability could allow for privilege escalation on the current system or remote compromise on an internal network by executing a file over SMB. The vulnerable plays.tv software was previously included in AMD’s driver installation packages and is still distributed with its legacy products as part of its Gaming Evolved program.


Relevant Information