CVE-2020-37254

Wondershare PDFelement 5.2.9 is affected by a privilege escalation due to an unquoted service path in the WsAppService Windows service. Local attackers could place a malicious executable in the service path and gain code execution with LocalSystem privileges when the service restarts or the syste...

CVE-2020-37252

CVE-2020-37252 describes an unquoted service path vulnerability in Realtek Audio Service 1.0.0.55, specifically in RtkAudioService64.exe. The root cause is the unquoted service path, enabling local attackers to escalate privileges by placing a malicious executable in the unquoted directory, which...

EUVD-2020-31251

TFTP Broadband 4.3.0.1465 contains an unquoted service path vulnerability in the tftpt.exe service binary that allows local attackers to execute arbitrary code with system privileges. Attackers can place a malicious executable in the Program Files directory path that will be executed during servi...

EUVD-2016-10904

Windows Firewall Control 4.8.6.0 contains an unquoted service path vulnerability that allows local attackers to escalate privileges by inserting malicious executables in the service path. Attackers can place executable files in unquoted path directories that the wfcs.exe service will execute with...

CVE-2018-25359

CVE-2018-25359 affects Splinterware System Scheduler Pro 5.12. The issue is insecure file permissions enabling low-privilege users to replace the service executable (WService.exe) in the installation directory, causing a malicious binary to run with LocalSystem privileges when the service starts....

CVE-2020-37232

Advanced System Care Service 13.0.0.157 contains an unquoted service path vulnerability in the AdvancedSystemCareService13 service binary path that allows local attackers to escalate privileges. Attackers can place malicious executables in the system root path that will be executed with LocalSyst...

CVE-2020-37231

Privacy Drive 3.17.0 contains an unquoted service path vulnerability in the pdsvc.exe service binary that allows local attackers to escalate privileges by exploiting the service startup process. Attackers can place malicious executables in the unquoted path directories to execute arbitrary code...

CVE-2021-47974

VX Search 13.5.28 contains an unquoted service path vulnerability affecting VX Search Server and VX Search Enterprise services. The root cause is unquoted paths such as C:\Program Files\VX Search, allowing local attackers to escalate privileges by placing a malicious executable in the unquoted di...

CVE-2020-37231

CVE-2020-37231 affects Privacy Drive 3.17.0 and is due to an unquoted service path in the pdsvc.exe service binary. This enables local privilege escalation to LocalSystem during service startup or system reboot by placing a malicious executable in the unquoted path directory. Metrics indicate a h...

EUVD-2020-31232

Privacy Drive 3.17.0 contains an unquoted service path vulnerability in the pdsvc.exe service binary that allows local attackers to escalate privileges by exploiting the service startup process. Attackers can place malicious executables in the unquoted path directories to execute arbitrary code...

CVE-2020-37231 Privacy Drive 3.17.0 Unquoted Service Path Privilege Escalation

Privacy Drive 3.17.0 contains an unquoted service path vulnerability in the pdsvc.exe service binary that allows local attackers to escalate privileges by exploiting the service startup process. Attackers can place malicious executables in the unquoted path directories to execute arbitrary code...

CVE-2020-37229 OKI sPSV Port Manager 1.0.41 Unquoted Service Path Privilege Escalation

OKI sPSV Port Manager 1.0.41 contains an unquoted service path vulnerability in the sPSVOpLclSrv service that allows local attackers to escalate privileges by inserting executable files into the unquoted path. Attackers can place a malicious executable in a directory within the service path that...

EUVD-2016-10869

Hotspot Shield 6.0.3 contains an unquoted service path vulnerability in the hshld service binary that allows local attackers to escalate privileges by injecting malicious executables. Attackers can place executable files in the service path and upon service restart or system reboot, the malicious...

EUVD-2016-10865

Netgate AMITI Antivirus build 23.0.305 contains an unquoted service path vulnerability in the AmitiAvSrv and AmitiAntivirusHealth services that allows local attackers to escalate privileges. Attackers can place a malicious executable in the unquoted service path and trigger service restart or...

CVE-2016-20060

Hotspot Shield 6.0.3 contains an unquoted service path vulnerability in the hshld service binary that allows local attackers to escalate privileges by injecting malicious executables. Attackers can place executable files in the service path and upon service restart or system reboot, the malicious...

CVE-2016-20061 sheed AntiVirus 2.3 Unquoted Service Path Privilege Escalation

sheed AntiVirus 2.3 contains an unquoted service path vulnerability in the ShavProt service that allows local attackers to escalate privileges by exploiting the service binary path. Attackers can insert a malicious executable in the unquoted path and trigger service restart or system reboot to...

CVE-2016-20059

CVE-2016-20059 : IObit Malware Fighter 4.3.1 contains an unquoted service path vulnerability in the IMFservice and LiveUpdateSvc services. This allows local attackers to escalate privileges by placing a malicious executable in the unquoted path, triggering privilege escalation on service restart ...

CVE-2016-20058 Netgate AMITI Antivirus build 23.0.305 Unquoted Service Path Privilege Escalation

Netgate AMITI Antivirus build 23.0.305 contains an unquoted service path vulnerability in the AmitiAvSrv and AmitiAntivirusHealth services that allows local attackers to escalate privileges. Attackers can place a malicious executable in the unquoted service path and trigger service restart or...

CVE-2016-20055

CVE-2016-20055 affects IObit Advanced SystemCare 10.0.2. The vulnerability is an unquoted service path in the AdvancedSystemCareService10 service; a local attacker can place a malicious executable in the service’s path and trigger privilege escalation when the service restarts or the system reboo...

PT-2026-30357

Hotspot Shield 6.0.3 contains an unquoted service path vulnerability in the hshld service binary that allows local attackers to escalate privileges by injecting malicious executables. Attackers can place executable files in the service path and upon service restart or system reboot, the malicious...