Local Privilege Escalation Vulnerability in Oculus Desktop by Facebook
CVE-2021-24038
7.8HIGH
What is CVE-2021-24038?
A vulnerability within the Oculus Desktop software arises from improper handle management in OVRServiceLauncher.exe. This flaw enables an attacker to expose a privileged process handle to an unprivileged process, resulting in local privilege escalation. Specifically, this issue impacts versions of Oculus Desktop starting from 1.39 up to, but not including, 31.1.0.67.507, posing a significant security risk for users.
Affected Version(s)
Oculus Desktop < 31.1.0.67.507
Oculus Desktop 31.1.0.67.507
Oculus Desktop <= unspecified