Relative Path Traversal in Age of Empires II: Definitive Edition by Microsoft
CVE-2026-50663
Key Information:
- Vendor
Microsoft
- Vendor
- CVE Published:
- 14 July 2026
Badges
What is CVE-2026-50663?
CVE-2026-50663 is a vulnerability found in Age of Empires II: Definitive Edition, a popular real-time strategy game developed by Microsoft. This relative path traversal vulnerability allows unauthorized attackers to execute code remotely over a network. Specifically, it exploits weaknesses in the way file paths are handled, enabling malicious actors to gain access to and manipulate files outside of designated directories. This flaw poses a significant threat to organizations, especially those that rely on this software for entertainment or team-building activities, as it could lead to compromised systems and unauthorized actions on their networks.
Potential impact of CVE-2026-50663
-
Remote Code Execution: The primary concern with CVE-2026-50663 is its potential to allow attackers to execute arbitrary code on vulnerable systems. This capability could enable the attacker to take full control of the affected game environment and linked resources, leading to far-reaching consequences for system integrity.
-
Data Exposure and Integrity Risks: Given that the vulnerability allows unauthorized access to files, there is a high risk of data exposure. Sensitive information could be accessed or altered, potentially leading to data theft or manipulation, impacting both gameplay experience and organizational data security.
-
Network Compromise: If exploited, this vulnerability could facilitate further attacks on an organization's network infrastructure. A compromised game server could serve as a foothold for attackers to pivot to other connected systems, leading to a broader security breach and potential disruption of business operations.
Affected Version(s)
Age of Empires II: Definitive Edition Game 1.0.0 < 101.103.46651.0