CVE-2021-47828 BOOTP Turbo 2.0.0.1253 - 'bootpt.exe' Unquoted Service Path

BOOTP Turbo 2.0.0.1253 contains an unquoted service path vulnerability in its Windows service configuration. Attackers can exploit the unquoted path to execute arbitrary code with elevated LocalSystem privileges during system startup or reboot...

CVE-2021-47828 BOOTP Turbo 2.0.0.1253 - 'bootpt.exe' Unquoted Service Path

BOOTP Turbo 2.0.0.1253 contains an unquoted service path vulnerability in its Windows service configuration. Attackers can exploit the unquoted path to execute arbitrary code with elevated LocalSystem privileges during system startup or reboot...

CVE-2021-47828

CVE-2021-47828 relates to BOOTP Turbo 2.0.0.1253, where the Windows service bootpt.exe uses an unquoted service path. The underlying issue is an unquoted path in the service configuration, enabling elevated LocalSystem code execution during startup or reboot. Mitigation is to quote the service pa...

CVE-2021-47826 Acer Backup Manager Module 3.0.0.99 - 'IScheduleSvc.exe' Unquoted Service Path

Acer Backup Manager 3.0.0.99 contains an unquoted service path vulnerability in the NTI IScheduleSvc service that allows local users to potentially execute arbitrary code. Attackers can exploit the unquoted path in C:\Program Files x86\NTI\Acer Backup Manager\ to inject malicious executables that...

CVE-2021-47826 Acer Backup Manager Module 3.0.0.99 - 'IScheduleSvc.exe' Unquoted Service Path

Acer Backup Manager 3.0.0.99 contains an unquoted service path vulnerability in the NTI IScheduleSvc service that allows local users to potentially execute arbitrary code. Attackers can exploit the unquoted path in C:\Program Files x86\NTI\Acer Backup Manager\ to inject malicious executables that...

CVE-2021-47825

CVE-2021-47825 covers an unquoted service path in Acer Updater Service 1.2.3500.0. The vulnerability stems from an unquoted path in C:\Program Files\Acer\Acer Updater, allowing a local user to inject a malicious executable that runs with LocalSystem privileges at service startup. Affected compone...

CVE-2021-47825

Acer Updater Service 1.2.3500.0 contains an unquoted service path vulnerability that allows local users to execute code with elevated system privileges. Attackers can exploit the unquoted path in C:\Program Files\Acer\Acer Updater\ to inject malicious executables that will run with LocalSystem...

CVE-2021-47825 Acer Updater Service 1.2.3500.0 - 'UpdaterService.exe' Unquoted Service Path

Acer Updater Service 1.2.3500.0 contains an unquoted service path vulnerability that allows local users to execute code with elevated system privileges. Attackers can exploit the unquoted path in C:\Program Files\Acer\Acer Updater\ to inject malicious executables that will run with LocalSystem...

CVE-2021-47787

TotalAV 5.15.69 contains an unquoted service path vulnerability in multiple system services running with LocalSystem privileges. Attackers can place malicious executables in specific unquoted path segments to potentially gain SYSTEM-level access by exploiting the service path configuration...

PT-2026-3281

Name of the Vulnerable Software and Affected Versions Acer Updater Service version 1.2.3500.0 Description The Acer Updater Service contains a flaw due to an unquoted service path. This allows local users to potentially execute code with elevated system privileges. An attacker can exploit the...

PT-2026-3326

Name of the Vulnerable Software and Affected Versions Microsoft Edge affected versions not specified Description The Microsoft Edge Elevation Service has a design flaw where a privileged COM interface does not properly check the permissions of the process making the request. A standard local user...

PT-2026-3285

Name of the Vulnerable Software and Affected Versions DHCP Broadband version 4.1.0.1503 Description The software contains an unquoted service path vulnerability in its service configuration. This allows local attackers to execute code with elevated privileges. The vulnerable path is located at...

CVE-2021-47804

Wise Care 365 5.6.7.568 contains an unquoted service path vulnerability in the WiseBootAssistant service running with LocalSystem privileges. Attackers can exploit this by inserting a malicious executable in the service path, which will execute with elevated system privileges when the service...

CVE-2021-47787

CVE-2021-47787 affects TotalAV 5.15.69 and describes an unquoted service path vulnerability in multiple system services running with LocalSystem privileges. The root cause is an unquoted path segment that could allow an attacker to place a malicious executable in the path, potentially gaining SYS...

CVE-2021-47787 TotalAV 5.15.69 - Unquoted Service Path

TotalAV 5.15.69 contains an unquoted service path vulnerability in multiple system services running with LocalSystem privileges. Attackers can place malicious executables in specific unquoted path segments to potentially gain SYSTEM-level access by exploiting the service path configuration...

CVE-2021-47787

TotalAV 5.15.69 contains an unquoted service path vulnerability in multiple system services running with LocalSystem privileges. Attackers can place malicious executables in specific unquoted path segments to potentially gain SYSTEM-level access by exploiting the service path configuration...

CVE-2021-47780 Macro Expert 4.7 - Unquoted Service Path

Macro Expert 4.7 contains an unquoted service path vulnerability that allows local users to potentially execute arbitrary code with elevated system privileges. Attackers can exploit the improperly configured service path to inject malicious executables that will be run with LocalSystem permission...

CVE-2020-36928

CVE-2020-36928: Brother BRAgent 1.38 contains an unquoted service path in the WBA_Agent_Client service that runs with LocalSystem privileges. An attacker can exploit the unquoted path in C:\Program Files (x86)\Brother\BRAgent\ to inject and execute malicious code with elevated system permissions....

CVE-2020-36928 Brother BRAgent 1.38 - 'WBA_Agent_Client' Unquoted Service Path

Brother BRAgent 1.38 contains an unquoted service path vulnerability in the WBAAgentClient service running with LocalSystem privileges. Attackers can exploit the unquoted path in C:\Program Files x86\Brother\BRAgent\ to inject and execute malicious code with elevated system permissions...

CVE-2020-36928 Brother BRAgent 1.38 - 'WBA_Agent_Client' Unquoted Service Path

Brother BRAgent 1.38 contains an unquoted service path vulnerability in the WBAAgentClient service running with LocalSystem privileges. Attackers can exploit the unquoted path in C:\Program Files x86\Brother\BRAgent\ to inject and execute malicious code with elevated system permissions...