Critical flaws in a core networking library powering Valve's online gaming functionality could have allowed malicious actors to remotely crash games and even take control over affected third-party game servers.
"An attacker could remotely crash an opponent's game client to force a win or even perform a 'nuclear rage quit' and crash the Valve game server to end the game completely," Check Point Research's Eyal Itkin noted in an analysis published today. "Potentially even more damaging, attackers could remotely take over third-party developer game servers to execute arbitrary code."
Valve is a popular US-based video game developer and publisher behind the game software distribution platform Steam and several titles such as Half-Life, Counter-Strike, Portal, Day of Defeat, Team Fortress, Left 4 Dead, and Dota.
The four flaws (CVE-2020-6016 through CVE-2020-6019) were uncovered in Valve's Game Networking Sockets (GNS) or Steam Sockets library, an open-sourced networking library that provides a "basic transport layer for games," enabling a mix of UDP and TCP features with support for encryption, greater reliability, and peer-to-peer (P2P) communications.
Steam Sockets is also offered as part of the Steamworks SDK for third-party game developers, with the vulnerabilities found on both Steam servers and on its clients installed on gamers' systems.
The attack combines a specific flaw in the packet reassembly mechanism (CVE-2020-6016) with a quirk in C++'s implementation of iterators: by sending a series of malicious packets to a target game server, an attacker can trigger a heap-based buffer underflow, ultimately causing the server to abort or crash.
Following responsible disclosure to Valve on September 2, 2020, the binary updates containing the fixes were shipped to Valve's game clients and servers on September 17.
But according to Check Point, certain third-party game developers are yet to patch their clients as of December 2.
"Video games have reached an all-time-high during the coronavirus pandemic," Itkin said. "With millions of people currently playing online games, even the slightest security issue can be a serious concern for gaming companies and gamers' privacy. Through the vulnerabilities we found, an attacker could have taken over hundreds of thousands of gamer computers every day, with the victims being completely blind to it."
"Popular online platforms are good harvesting grounds for attackers. Whenever you have millions of users logging into the same place, the power of a strong and reliable exploit raises exponentially."
Check Point said that gamers playing Valve's games through Steam are already protected by the fix, although gamers of third-party games should ensure their game clients received an update in recent months to mitigate the risk associated with the flaw.