The “plays_service.exe” Windows service allows unauthenticated execution of a user-provided path with SYSTEM privileges. When it receives an HTTP message with the “execute_installer” parameter, the service does not securely authenticate the user before executing the provided path. The vulnerability could allow privilege escalation on the current system, or remote compromise on an internal network by executing a file over SMB. The vulnerable plays.tv software was previously included in AMD’s driver installation packages and is still distributed with its legacy products as part of its Gaming Evolved program.
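
A detection sketch for the behaviour described above, added here as an example and not taken from the advisory or the vendor: it scans process-creation events for children launched by plays_service.exe and separates images loaded from a UNC (SMB) path from local ones. The field names follow Sysmon's process-creation event; the events, host addresses and install directory are constructed for illustration.

```python
import ntpath

SERVICE_IMAGE = "plays_service.exe"  # service binary named in the advisory


def is_unc(path):
    """True for \\\\host\\share\\... and the \\\\?\\UNC\\host\\share\\... long form."""
    p = path.strip().strip('"').replace("/", "\\").lower()
    if p.startswith("\\\\?\\unc\\"):
        return True
    # \\?\C:\... and \\.\ device paths are local objects, not SMB shares
    return p.startswith("\\\\") and not p.startswith(("\\\\?\\", "\\\\.\\"))


def classify(event):
    """Return None unless the parent is the service; else label the child."""
    parent = ntpath.basename(event.get("ParentImage", "")).lower()
    if parent != SERVICE_IMAGE:
        return None
    # A child image on a UNC path matches the remote (SMB) scenario;
    # any other child is the local case and still deserves review.
    return "remote-smb" if is_unc(event.get("Image", "")) else "local-child"


def scan(events):
    """List (child image, verdict) for every event the service spawned."""
    return [(e["Image"], v) for e in events if (v := classify(e))]


# Constructed sample events (install directory and hosts are placeholders).
SVC = r"C:\Program Files\Example\plays_service.exe"
EVENTS = [
    {"ParentImage": r"C:\Windows\System32\services.exe", "Image": SVC},
    {"ParentImage": SVC, "Image": r"\\198.51.100.7\share\setup.exe"},
    {"ParentImage": SVC.upper(), "Image": r"C:\Users\Public\setup.exe"},
    {"ParentImage": SVC, "Image": r"\\?\UNC\fileserver\pub\a.exe"},
    {"ParentImage": SVC, "Image": r"\\?\C:\Temp\b.exe"},
]

if __name__ == "__main__":
    for image, verdict in scan(EVENTS):
        print(f"{verdict:12} {image}")
```

A path on a mapped drive letter looks local to this check, so the "local-child" verdict does not rule out a remote origin.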