← Back

Battle.net

battle.net

Vendor: Blizzard • 2 CVEs

CVEs (2)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2025-27997
1Blizzard
1Battle.net
Jun 3, 2025
May 21, 2025
N/A· v4
8.4 HIGH· v3
N/A· v2
An issue in Blizzard Battle.net v2.40.0.15267 allows attackers to escalate privileges via placing a crafted shell script or executable into the C:\ProgramData directory.
CVE-2020-27383
1Blizzard
1Battle.net
Nov 21, 2024
Jun 9, 2021
N/A· v4
7.8 HIGH· v3
4.6 MEDIUM· v2
Battle.net.exe in Battle.Net 1.27.1.12428 suffers from an elevation of privileges vulnerability which can be used by an "Authenticated User" to modify the existing executable file with a binary of his choice. The vulnera...Show more
Battle.net.exe in Battle.Net 1.27.1.12428 suffers from an elevation of privileges vulnerability which can be used by an "Authenticated User" to modify the existing executable file with a binary of his choice. The vulnerability exist due to weak set of permissions being granted to the "Authenticated Users Group" which grants the (F) Flag aka "Full Control"Show less