We identified three independent remote code execution (RCE) vulnerabilities in the popular Counter-Strike: Global Offensive game. Each vulnerability can be triggered when the game client connects to our malicious python CS:GO server. This post details our journey through the CS:GO binary and conducts a technical deep dive into various identified bugs. We conclude by presenting a proof of concept (POC) exploit that leverages four different logic bugs into remote code execution in the game's client, triggered when a client connects to the server.
I wonder if these exploits will carry over to cs2?
Patching csgo is almost pointless right now with cs2 coming out any time now.
I disagree with patching being pointless : some players will keep playing csgo, no matter if a newer cs comes out
No they won’t, it’s shutting down. Cs2 is a complete replacement.
You mean it’s gonna appear as an update to CSGO in steam?
I’m not sure if they are pushing a new client or not, but they might as well it’s on a new engine and all that jazz.