Lucene search
K

5 matches found

NVD
NVD
added 2026/06/19 3:16 p.m.14 views

CVE-2020-37253

Winstep 18.06.0096 contains an unquoted service path vulnerability in the Winstep Xtreme Service that allows local attackers to escalate privileges. Attackers can place malicious executables in the Program Files directory to be executed with LocalSystem privileges when the service starts...

8.5CVSS0.00109EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/06/19 2:16 p.m.4 views

CVE-2020-37253

Winstep 18.06.0096 contains an unquoted service path vulnerability in the Winstep Xtreme Service that allows local attackers to escalate privileges. Attackers can place malicious executables in the Program Files directory to be executed with LocalSystem privileges when the service starts...

8.5CVSS5.8AI score0.00109EPSS
Exploits0References2Affected Software1
EUVD
EUVD
added 2026/06/19 2:16 p.m.7 views

EUVD-2020-31254

Winstep 18.06.0096 contains an unquoted service path vulnerability in the Winstep Xtreme Service that allows local attackers to escalate privileges. Attackers can place malicious executables in the Program Files directory to be executed with LocalSystem privileges when the service starts...

8.5CVSS5.8AI score0.00109EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/19 2:16 p.m.30 views

CVE-2020-37253 Winstep 18.06.0096 Unquoted Service Path Privilege Escalation

Winstep 18.06.0096 contains an unquoted service path vulnerability in the Winstep Xtreme Service that allows local attackers to escalate privileges. Attackers can place malicious executables in the Program Files directory to be executed with LocalSystem privileges when the service starts...

8.5CVSS0.00109EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/06/19 12:0 a.m.11 views

PT-2026-50918

Name of the Vulnerable Software and Affected Versions Winstep version 18.06.0096 Description The Winstep Xtreme Service contains an unquoted service path issue. This occurs when a service path contains spaces and is not enclosed in quotes, allowing a local attacker to place a malicious executable...

8.5CVSS5.8AI score0.00109EPSS
Exploits0References4
Rows per page
Query Builder