CVE-2020-36984 EPSON 1.124 - 'seksmdb.exe' Unquoted Service Path

EPSON 1.124 contains an unquoted service path vulnerability in the SENADB service that allows local attackers to execute code with elevated system privileges. Attackers can exploit the unquoted path in C:\Program Files x86\EPSONP2B\Printer Software\Status Monitor\ to inject malicious executables...

PT-2026-5000

Wondershare Driver Install Service contains an unquoted service path vulnerability in the ElevationService executable that allows local attackers to potentially inject malicious code. Attackers can exploit the unquoted path to replace the service binary with a malicious executable, enabling...

CVE-2020-36935

KMSpico 17.1.0.0 contains an unquoted service path vulnerability in the Service KMSELDI configuration that allows local attackers to potentially execute arbitrary code. Attackers can exploit the unquoted binary path in C:\Program Files\KMSpico\ServiceKMS.exe to inject malicious executables and...

CVE-2021-47887

OKI Print Job Accounting 4.4.10 contains an unquoted service path vulnerability in the OkiJaSvc service that allows local attackers to potentially execute arbitrary code. Attackers can exploit the unquoted path in 'C:\Program Files\Okidata\Print Job Accounting' to inject malicious executables and...

CVE-2021-47863

MacPaw Encrypto 1.0.1 contains an unquoted service path vulnerability in its Encrypto Service configuration that allows local attackers to potentially execute arbitrary code. Attackers can exploit the unquoted path in C:\Program Files\Encrypto\ to inject malicious executables and escalate...

CVE-2021-47869 BRAdmin Professional 3.75 - 'BRA_Scheduler' Unquoted Service Path

Brother BRAdmin Professional 3.75 contains an unquoted service path vulnerability in the BRAScheduler service that allows local users to potentially execute arbitrary code. Attackers can place a malicious executable named 'BRAdmin' in the C:\Program Files x86\Brother\ directory to gain local syst...

CVE-2021-47869 BRAdmin Professional 3.75 - 'BRA_Scheduler' Unquoted Service Path

Brother BRAdmin Professional 3.75 contains an unquoted service path vulnerability in the BRAScheduler service that allows local users to potentially execute arbitrary code. Attackers can place a malicious executable named 'BRAdmin' in the C:\Program Files x86\Brother\ directory to gain local syst...

MAL-2026-351 Malicious code in nanoinstaller (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 9f6ea4dd9867e528445ba01d2ceed3638e6178b2a940a2598c0f89eca5795802 Package is designed to download and execute a remote script, which then downloads and runs a malicious executable --- Category: MALICIOUS - The campaign has...

Malicious code in nanoinstaller (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 9f6ea4dd9867e528445ba01d2ceed3638e6178b2a940a2598c0f89eca5795802 Package is designed to download and execute a remote script, which then downloads and runs a malicious executable --- Category: MALICIOUS - The campaign has...

Malicious code in bnanainstaller (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 fa730f845044e96bb14f1b7245d35b819dc8a9ddeef07c952c22e65f85c0a459 Package is designed to download and execute a remote script, which then downloads and runs a malicious executable --- Category: MALICIOUS - The campaign has...

CVE-2021-47787

TotalAV 5.15.69 contains an unquoted service path vulnerability in multiple system services running with LocalSystem privileges. Attackers can place malicious executables in specific unquoted path segments to potentially gain SYSTEM-level access by exploiting the service path configuration...

PT-2026-3281

Name of the Vulnerable Software and Affected Versions Acer Updater Service version 1.2.3500.0 Description The Acer Updater Service contains a flaw due to an unquoted service path. This allows local users to potentially execute code with elevated system privileges. An attacker can exploit the...

CVE-2021-47804

CVE-2021-47804 concerns Wise Care 365 5.6.7.568, where the WiseBootAssistant service runs as LocalSystem and has an unquoted service path vulnerability. An attacker can insert a malicious executable into the service path, which will execute with elevated system privileges when the service restart...

CVE-2021-47803 iFunbox 4.2 - 'Apple Mobile Device Service' Unquoted Service Path

iFunbox 4.2 contains an unquoted service path vulnerability in the Apple Mobile Device Service that allows local attackers to execute code with elevated privileges. Attackers can insert a malicious executable into the unquoted service path to run with LocalSystem privileges when the service...

CVE-2021-47762

HTTPDebuggerPro 9.11 contains an unquoted service path vulnerability that allows local attackers to potentially execute arbitrary code with elevated system privileges. Attackers can exploit the unquoted binary path in the service configuration to inject malicious executables and gain elevated...

EUVD-2026-2779

MilleGPG5 5.7.2 contains a local privilege escalation vulnerability that allows authenticated users to modify service executable files in the MariaDB bin directory. Attackers can replace the mysqld.exe with a malicious executable, which will execute with system privileges when the computer restar...

PT-2026-3174

Wise Care 365 5.6.7.568 contains an unquoted service path vulnerability in the WiseBootAssistant service running with LocalSystem privileges. Attackers can exploit this by inserting a malicious executable in the service path, which will execute with elevated system privileges when the service...

CVE-2022-50808 CoolerMaster MasterPlus 1.8.5 - 'MPService' Unquoted Service Path

CoolerMaster MasterPlus 1.8.5 contains an unquoted service path vulnerability in the MPService that allows local attackers to execute code with elevated system privileges. Attackers can drop a malicious executable in the service path and trigger code execution during service startup or system...

PT-2026-2365

CoolerMaster MasterPlus 1.8.5 contains an unquoted service path vulnerability in the MPService that allows local attackers to execute code with elevated system privileges. Attackers can drop a malicious executable in the service path and trigger code execution during service startup or system...

CVE-2018-18931

An issue was discovered in the Tightrope Media Carousel digital signage product 7.0.4.104. Due to insecure default permissions on the C:\TRMS\Services directory, an attacker who has gained access to the system can elevate their privileges from a restricted account to full SYSTEM by replacing the...