Valve, the giant behind the popular gaming platform Steam, has recently addressed a years-old flaw. The vulnerability could allow RCE attacks through malicious Steam game invites.
Steam RCE Vulnerability Exploiting Game Invites
A security researcher with the alias Florian has recently disclosed a vulnerability that affected the Steam engine. The vulnerability could allow remote code execution (RCE) attacks merely by sending malicious game invites.
Sharing the details in a post, the researcher revealed that inviting friends on Steam allows a gamer to add arbitrary commands to the invite (if the game hasn’t started). This could mean making trivial tweaks such as modifying the game language, sensitivity, resolution, and more.
While that already sounds like an issue, what made it a security flaw is the Source RCON Protocol. It allows server owners to execute commands in the context of their game servers. Abusing this feature would allow RCE attacks.
Technical details of this bug are available in the researcher’s post, and a video demonstrates the PoC.
Patch Arrived After Two Years
Being a vulnerability in the game engine, the bug indirectly affected numerous games as well, including Team Fortress 2 and Counter-Strike: Global Offensive.
The researcher first reported the flaw to Valve back in 2019 via HackerOne. However, the bug remained unpatched despite its severity.
Recently, Motherboard also reported in detail how this flaw affected CS:GO gamers by allowing full system takeover by an attacker.
Finally, after all these reports, Valve deployed a fix for this bug on April 17, 2021. The vulnerability has received the ID CVE-2021-30481 and a critical severity rating with a score of 9.0.
While Valve has addressed this bug in Steam after about two years, the platform still isn’t secure enough. Many other researchers have also reported a delayed response from Valve in addressing security bugs, and many more flaws still await a patch. Therefore, all gamers should remain alert to potential cyberattacks.