5 matches found
CVE-2020-37253
Winstep 18.06.0096 contains an unquoted service path vulnerability in the Winstep Xtreme Service that allows local attackers to escalate privileges. Attackers can place malicious executables in the Program Files directory to be executed with LocalSystem privileges when the service starts...
CVE-2020-37253
Winstep 18.06.0096 contains an unquoted service path vulnerability in the Winstep Xtreme Service that allows local attackers to escalate privileges. Attackers can place malicious executables in the Program Files directory to be executed with LocalSystem privileges when the service starts...
EUVD-2020-31254
Winstep 18.06.0096 contains an unquoted service path vulnerability in the Winstep Xtreme Service that allows local attackers to escalate privileges. Attackers can place malicious executables in the Program Files directory to be executed with LocalSystem privileges when the service starts...
CVE-2020-37253 Winstep 18.06.0096 Unquoted Service Path Privilege Escalation
Winstep 18.06.0096 contains an unquoted service path vulnerability in the Winstep Xtreme Service that allows local attackers to escalate privileges. Attackers can place malicious executables in the Program Files directory to be executed with LocalSystem privileges when the service starts...
PT-2026-50918
Name of the Vulnerable Software and Affected Versions Winstep version 18.06.0096 Description The Winstep Xtreme Service contains an unquoted service path issue. This occurs when a service path contains spaces and is not enclosed in quotes, allowing a local attacker to place a malicious executable...