CVE-2019-15943
published 2019-09-19CVE-2019-15943: vphysics.dll in Counter-Strike: Global Offensive before 1.37.1.1 allows remote attackers to achieve code execution or denial of service by creating a gaming…
PriorityP357high8.8CVSS 3.1
AVNACLPRNUIRSUCHIHAH
EXPLOIT
EPSS
8.72%
94.5th percentile
vphysics.dll in Counter-Strike: Global Offensive before 1.37.1.1 allows remote attackers to achieve code execution or denial of service by creating a gaming server and inviting a victim to this server, because a crafted map is mishandled during a memset call.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| valvesoftware | counter-strike | < 1.37.1.1 | 1.37.1.1 |
Detection & IOCsextracted from sources · hover to see the quote
- →Monitor for unusual .bsp map files being loaded from the CS:GO maps directory, especially files with corrupted or anomalous class name values (e.g., containing '=' character at offset 0x115703). ↗
- →Alert on SEH chain corruption crashes originating from vphysics.dll during map loading in CS:GO, as this is the exploitability indicator identified by msec.dll (!exploitable). ↗
- →Detect execution of the 'map mc' console command or loading of maps named 'mc.bsp' in CS:GO, which corresponds to the PoC trigger. ↗
- →Flag CS:GO clients running versions prior to 1.37.1.1 connecting to untrusted/community servers, as the attack vector requires the victim to join an attacker-controlled server with a crafted map. ↗
- ·The vulnerability is triggered during map load via a memset call in vphysics.dll; exploitation requires the victim to actively join an attacker-controlled server and load the crafted .bsp map — it is not a passive/drive-by vector. ↗
- ·The PoC .bsp file (47454.bsp / mc.bsp) is publicly available on ExploitDB's binary sploits repository, lowering the barrier for exploitation. ↗
CVSS provenance
nvdv3.18.8HIGHCVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
nvdv2.06.8MEDIUMAV:N/AC:M/Au:N/C:P/I:P/A:P
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
No writeups or analysis indexed.
http://packetstormsecurity.com/files/154705/Counter-Strike-Global-Offensive-Code-Execution-Denial-Of-Service.htmlhttps://blog.counter-strike.net/index.php/category/updates/https://github.com/bi7s/CVE/blob/master/CVE-2019-15943/README.mdhttp://packetstormsecurity.com/files/154705/Counter-Strike-Global-Offensive-Code-Execution-Denial-Of-Service.htmlhttps://blog.counter-strike.net/index.php/category/updates/https://github.com/bi7s/CVE/blob/master/CVE-2019-15943/README.md
2019-09-19
Published