← Back

Desktop

desktop

Vendor: Oculus • 2 CVEs

CVEs (2)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2021-24038
1Oculus
1Desktop
Nov 21, 2024
Aug 19, 2021
N/A· v4
7.8 HIGH· v3
4.6 MEDIUM· v2
Due to a bug with management of handles in OVRServiceLauncher.exe, an attacker could expose a privileged process handle to an unprivileged process, leading to local privilege escalation. This issue affects Oculus Desktop...Show more
Due to a bug with management of handles in OVRServiceLauncher.exe, an attacker could expose a privileged process handle to an unprivileged process, leading to local privilege escalation. This issue affects Oculus Desktop versions after 1.39 and prior to 31.1.0.67.507.Show less
CVE-2020-1885
1Oculus
1Desktop
Nov 21, 2024
Apr 8, 2020
N/A· v4
7.8 HIGH· v3
4.6 MEDIUM· v2
Writing to an unprivileged file from a privileged OVRRedir.exe process in Oculus Desktop before 1.44.0.32849 on Windows allows local users to write to arbitrary files and consequently gain privileges via vectors involvin...Show more
Writing to an unprivileged file from a privileged OVRRedir.exe process in Oculus Desktop before 1.44.0.32849 on Windows allows local users to write to arbitrary files and consequently gain privileges via vectors involving a hard link to a log file.Show less