Game over? Vulnerabilities on Valve's Steam put hundreds of thousands gamers at risk - Check Point Software
Highlights: CP<R> found four major vulnerabilities in the popular Valve games networking library. All vulnerabilities were acknowledged and received
- CP<R> found four major vulnerabilities in the popular Valve games networking library. All vulnerabilities were acknowledged and received CVE’s.
- If exploited, an attacker could take over hundreds of thousands of computers without needing gamers to click on a malicious email or link. Unlike other vulnerabilities, victims are unknowingly affected by simply logging onto the game.
- Additional actions attackers could carry out:
- Remotely take over a 3rd party game server to execute arbitrary code
- Remotely crash the opponent’s game client
- Crash the Valve game server, making it impossible for anyone to play
- Steal credentials and private information
- As of September 2020, Steam reached a record peak of over 21 million concurrent users and over 95 million active monthly users
Hundreds of thousands of gamers at peril
Throughout our research, we found several vulnerabilities in the implementation of the GNS library. The library supports communication in peer-to-peer (P2P) mode – a web framework for real-time communication – and in centralized client server mode. The communication factor is key as it potentially allows an attacker to take control of a computer that is connected to a 3rd party game server. If exploited, these vulnerabilities could enable a variety of possible attacks that would cause severe implications. For example, an attacker could remotely crash an opponent’s game client to force a win or even perform a “nuclear rage quit” and crash the Valve game server completely.
Potentially the most damaging is the fact that when users are playing a game created by 3rd-party developers, attackers can remotely take over the game’s server to execute arbitrary code. This would enable an attacker to take control of the gamer’s computer and steal his or her credentials, and obtain private information. in other words, they can take over the computer.
According to statistics from Steam, this vulnerability may have affected hundreds of thousands players daily. The Steam platform is the largest digital distribution platform for PC gaming. In 2019, the service had over 34,000 games with over 95 million monthly active users.
Unlike previous attacks where the user needs to press a link or download a file to execute malware, in this scenario, the victims are unknowingly affected. All they have to do is simply log into the game.
Check Point researchers notified “Valve” about the four different vulnerabilities discovered in this research (CVE-2020-6016 through CVE-2020-6019). Valve’s team fully patched the vulnerabilities quickly with great cooperation and full visibility.
We encourage all gamers using 3rd party games (non-Valve games) to check that their game clients received an update. Pay special attention to any game downloaded before September 4th 2020, as this is the date that the library was patched by Valve.