CVE-2022-36263 in Desktop Applicationinfo

Summary

by MITRE • 08/19/2022

StreamLabs Desktop Application 1.9.0 is vulnerable to Incorrect Access Control via obs64.exe. An attacker can execute arbitrary code via a crafted .exe file.

If you want to get the best quality for vulnerability data then you always have to consider VulDB.

Analysis

by VulDB Data Team • 06/27/2025

The StreamLabs Desktop Application version 1.9.0 contains a critical access control vulnerability that stems from improper privilege management within the obs64.exe component. This vulnerability represents a significant security weakness that allows unauthorized code execution through maliciously crafted executable files. The flaw exists within the application's handling of file execution permissions and process validation mechanisms, creating an attack vector that could be exploited by threat actors to gain unauthorized system access.

The technical implementation of this vulnerability involves the obs64.exe process failing to properly validate the authenticity and integrity of executable files before execution. This incorrect access control mechanism operates at the application level where the software should enforce strict file validation protocols but instead permits arbitrary code execution. The vulnerability is classified as an access control flaw that falls under the CWE-284 category, which specifically addresses improper access control implementations. Attackers can leverage this weakness by creating specially crafted .exe files that bypass the application's security checks, effectively allowing code injection into the system.

The operational impact of this vulnerability extends beyond simple code execution, as it creates persistent access points for attackers to establish footholds within affected systems. Once exploited, the vulnerability allows for complete system compromise through arbitrary code execution, potentially enabling privilege escalation, data exfiltration, and persistent backdoor installation. The attack surface is particularly concerning for users who rely on StreamLabs for streaming and broadcasting activities, as these applications often run with elevated privileges and may have access to sensitive system resources. This vulnerability aligns with ATT&CK technique T1059.001 for command and scripting interpreter, and T1068 for exploit for privilege escalation.

Mitigation strategies should focus on immediate application updates to versions that address the access control flaw, while also implementing additional security controls such as application whitelisting and process monitoring. System administrators should consider deploying endpoint detection and response solutions to monitor for suspicious execution patterns and unauthorized file modifications. The vulnerability demonstrates the importance of proper privilege separation and input validation in desktop applications, particularly those handling multimedia content and system integration. Organizations should also conduct thorough security assessments of their streaming and broadcasting toolchains to identify similar access control weaknesses that could be exploited through comparable attack vectors.

Reservation

07/18/2022

Disclosure

08/19/2022

Moderation

accepted

CPE

ready

EPSS

0.00368

KEV

no

Activities

very low

Sources

Want to stay up to date on a daily basis?

Enable the mail alert feature now!