MEDIUM
Valvesoftware
CVE published 2017-01-23
CVE-2016-5237
CVE-2016-5237 describes weak permissions in the Steam program directory that let local users modify files and potentially gain privileges, including a Trojan-horse replacement of Steam.exe. The CVE was published on 2017-01-23 and NVD later modified the record on 2026-05-13. NVD rates the issue CVSS 4.8 (Medium).