Critical flaws in a core networking library that powered Valve’s online gaming functionality could have allowed malicious actors to remotely hack games and even take control of affected third-party gaming servers.
“An attacker could shatter an opponent’s game client remotely to force a win or even perform a ‘stop rabies nuclear’ and crash a Valve game server to end the game completely,” noted Eyal Itkin of Check Point Research in an analysis published today. “Possibly even more damaging, attackers could remotely take third-party developers’ game servers to execute arbitrary code.”
Valve is a popular US-based video game developer and publisher behind the Steam game software distribution platform and several titles such as Half-Life, Counter-Strike, Portal, Day of Defeat, Team Fortress, Left 4 Dead, and Dota.
The four flaws (CVE-2020-6016 through CVE-2020-6019) were found in Valve's Game Networking Sockets (GNS) or Steam Sockets library, an open source networking library that provides a “basic transport layer for games,” offering a mix of UDP and TCP features with support for encryption, increased reliability, and peer-to-peer (P2P) communication.
Steam Sockets is also offered as part of the Steamworks SDK for third-party game developers, with the vulnerabilities found on Steam’s servers and on its clients installed on gamers’ systems.
The attack relies on a specific flaw in the packet reassembly mechanism (CVE-2020-6016) and a quirk in how C++ iterators behave to send a series of malicious packets to a target game server and trigger a heap-based buffer overflow, eventually causing the server to abort or crash.
Following responsible disclosure to Valve on September 2, 2020, the binary updates containing the fixes were shipped to Valve's game clients and servers on September 17.
But according to Check Point, some third-party game developers had yet to patch their clients as of December 2.
“Video games have reached a record high during the coronavirus pandemic,” said Itkin. “With millions of people currently playing online games, even the smallest security issue can be a serious concern for gaming companies and the privacy of gamers. Through the vulnerabilities we found, an attacker could have taken over hundreds of thousands of gamer computers every day, with the victims completely blind to it.”
“Popular online platforms are the bases of good harvesting for attackers. Whenever you have millions of users logging in to the same place, the power of strong and reliable exploitation rises exponentially.”
Check Point said gamers playing Valve games via Steam are already protected by the fix, although players of third-party games should ensure their game clients have received an update in recent months to mitigate the risk associated with the flaws.