CVE-2017-14748

Published: Sep 26, 2017Modified: May 13, 2026

5.3

Vector

CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H

Exploitability: 1.6 / Impact: 3.6

Source: NVD

Description

Race condition in Blizzard Overwatch 1.15.0.2 allows remote authenticated users to cause a denial of service (season bans and SR losses for other users) by leaving a competitive match at a specific time during the initial loading of that match.

Affected (1)

Products: Blizzard: Overwatch

Blizzard

1 product

Overwatch

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Blizzard Overwatch	Version 1.15.0.2

Related CWEs

CWE-362

Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')

The product contains a code sequence that can run concurrently with other code, and the code sequence requires temporary, exclusive access to a shared resource, but a timing window exists in which the shared resource can be modified by another code sequence that is operating concurrently.

References (6)

http://www.securityfocus.com/bid/101087

Source: cve@mitre.org

Third Party AdvisoryVDB Entry

https://us.battle.net/forums/en/overwatch/topic/20759216554

Source: cve@mitre.org

Third Party Advisory

https://www.reddit.com/r/Overwatch/comments/72euqx/theres_a_bug_out_there_that_can_instantly/

Source: cve@mitre.org

Third Party Advisory

http://www.securityfocus.com/bid/101087

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party AdvisoryVDB Entry

https://us.battle.net/forums/en/overwatch/topic/20759216554

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

https://www.reddit.com/r/Overwatch/comments/72euqx/theres_a_bug_out_there_that_can_instantly/

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

Timeline

No history available yet.