CVE-2020-37252

Realtek Audio Service 1.0.0.55 contains an unquoted service path vulnerability in RtkAudioService64.exe that allows local attackers to escalate privileges by injecting malicious code. Attackers can place executable files in the unquoted service path directory to execute arbitrary code with...

CVE-2020-37254 Wondershare PDFelement 5.2.9 Privilege Escalation via Unquoted Service Path

Wondershare PDFelement 5.2.9 contains a privilege escalation vulnerability due to an unquoted service path in the WsAppService Windows service. Local attackers can place a malicious executable in the service path and execute code with LocalSystem privileges upon service restart or system reboot...

CVE-2020-37254

Wondershare PDFelement 5.2.9 is affected by a privilege escalation due to an unquoted service path in the WsAppService Windows service. Local attackers could place a malicious executable in the service path and gain code execution with LocalSystem privileges when the service restarts or the syste...

CVE-2020-37252

CVE-2020-37252 describes an unquoted service path vulnerability in Realtek Audio Service 1.0.0.55, specifically in RtkAudioService64.exe. The root cause is the unquoted service path, enabling local attackers to escalate privileges by placing a malicious executable in the unquoted directory, which...

EUVD-2020-31251

TFTP Broadband 4.3.0.1465 contains an unquoted service path vulnerability in the tftpt.exe service binary that allows local attackers to execute arbitrary code with system privileges. Attackers can place a malicious executable in the Program Files directory path that will be executed during servi...

CVE-2019-25747 Network Inventory Advisor 5.0.26.0 Unquoted Service Path Privilege Escalation

Network Inventory Advisor 5.0.26.0 installs the niaservice service with an unquoted binary path that allows local attackers to escalate privileges by placing malicious executables in intermediate directories. Attackers can exploit the unquoted path in the service configuration to execute arbitrar...

EUVD-2016-10904

Windows Firewall Control 4.8.6.0 contains an unquoted service path vulnerability that allows local attackers to escalate privileges by inserting malicious executables in the service path. Attackers can place executable files in unquoted path directories that the wfcs.exe service will execute with...

PT-2026-50917

Name of the Vulnerable Software and Affected Versions Realtek Audio Service version 1.0.0.55 Description An unquoted service path issue exists in RtkAudioService64.exe. This allows local attackers to escalate privileges by placing malicious executable files in the unquoted service path directory,...

CVE-2018-25359

CVE-2018-25359 affects Splinterware System Scheduler Pro 5.12. The issue is insecure file permissions enabling low-privilege users to replace the service executable (WService.exe) in the installation directory, causing a malicious binary to run with LocalSystem privileges when the service starts....

CVE-2020-37231

Privacy Drive 3.17.0 contains an unquoted service path vulnerability in the pdsvc.exe service binary that allows local attackers to escalate privileges by exploiting the service startup process. Attackers can place malicious executables in the unquoted path directories to execute arbitrary code...

CVE-2020-37232

Advanced System Care Service 13.0.0.157 contains an unquoted service path vulnerability in the AdvancedSystemCareService13 service binary path that allows local attackers to escalate privileges. Attackers can place malicious executables in the system root path that will be executed with LocalSyst...

CVE-2021-47974

VX Search 13.5.28 contains an unquoted service path vulnerability affecting VX Search Server and VX Search Enterprise services. The root cause is unquoted paths such as C:\Program Files\VX Search, allowing local attackers to escalate privileges by placing a malicious executable in the unquoted di...

CVE-2020-37231

CVE-2020-37231 affects Privacy Drive 3.17.0 and is due to an unquoted service path in the pdsvc.exe service binary. This enables local privilege escalation to LocalSystem during service startup or system reboot by placing a malicious executable in the unquoted path directory. Metrics indicate a h...

EUVD-2020-31232

Privacy Drive 3.17.0 contains an unquoted service path vulnerability in the pdsvc.exe service binary that allows local attackers to escalate privileges by exploiting the service startup process. Attackers can place malicious executables in the unquoted path directories to execute arbitrary code...

CVE-2020-37231 Privacy Drive 3.17.0 Unquoted Service Path Privilege Escalation

Privacy Drive 3.17.0 contains an unquoted service path vulnerability in the pdsvc.exe service binary that allows local attackers to escalate privileges by exploiting the service startup process. Attackers can place malicious executables in the unquoted path directories to execute arbitrary code...

CVE-2020-37229 OKI sPSV Port Manager 1.0.41 Unquoted Service Path Privilege Escalation

OKI sPSV Port Manager 1.0.41 contains an unquoted service path vulnerability in the sPSVOpLclSrv service that allows local attackers to escalate privileges by inserting executable files into the unquoted path. Attackers can place a malicious executable in a directory within the service path that...

EUVD-2016-10865

Netgate AMITI Antivirus build 23.0.305 contains an unquoted service path vulnerability in the AmitiAvSrv and AmitiAntivirusHealth services that allows local attackers to escalate privileges. Attackers can place a malicious executable in the unquoted service path and trigger service restart or...

EUVD-2016-10869

Hotspot Shield 6.0.3 contains an unquoted service path vulnerability in the hshld service binary that allows local attackers to escalate privileges by injecting malicious executables. Attackers can place executable files in the service path and upon service restart or system reboot, the malicious...

CVE-2016-20060

Hotspot Shield 6.0.3 contains an unquoted service path vulnerability in the hshld service binary that allows local attackers to escalate privileges by injecting malicious executables. Attackers can place executable files in the service path and upon service restart or system reboot, the malicious...

CVE-2016-20061 sheed AntiVirus 2.3 Unquoted Service Path Privilege Escalation

sheed AntiVirus 2.3 contains an unquoted service path vulnerability in the ShavProt service that allows local attackers to escalate privileges by exploiting the service binary path. Attackers can insert a malicious executable in the unquoted path and trigger service restart or system reboot to...