The host is installed with Valve Steam Client through 2019-08-12 and is prone to a local privilege escalation vulnerability. A flaw is present in the application, which fails to handle the access issue in NT AUTHORITY\SYSTEM. Successful exploitation could allow attackers to perform privilege escalation (to NT AUTHORITY\SYSTEM) via crafted use of CreateMountPoint.exe and SetOpLock.exe to leverage a TOCTOU race condition.