Local privilege escalation due to unquoted search path vulnerability. The following products are affected: Acronis Cyber Protect Cloud Agent (Windows) before build 37758.
Source: Acronis International GmbH
Max CVSS: 8.2; EPSS Score: 0.04%; Published: 2024-04-29; Updated: 2024-04-30
Sunshine is a self-hosted game stream host for Moonlight. Users who ran Sunshine versions 0.17.0 through 0.22.2 as a service on Windows may be impacted when terminating the service if an attacker placed a file named `C:\Program.exe`, `C:\Program.bat`, or `C:\Program.cmd` on the user's computer. This attack vector isn't exploitable unless the user has manually loosened ACLs on the system drive. If the user's system locale is not English, then the name of the executable will likely vary. Version 0.23.0 contains a patch for the issue. Some workarounds are available. One may identify and block potentially malicious software executed through path interception by using application control tools, like Windows Defender Application Control, AppLocker, or Software Restriction Policies where appropriate. Alternatively, ensure that proper permissions and directory access control are set to deny users the ability to write files to the top-level directory `C:`. Require that all executables be placed in write-protected directories.
Source: GitHub, Inc.
Max CVSS: 4.9; EPSS Score: 0.05%; Published: 2024-05-16; Updated: 2024-05-17
A local attacker can gain administrative privileges by inserting an executable file in the path of the affected product.
Source: CERT VDE
Max CVSS: 7.8; EPSS Score: 0.04%; Published: 2024-03-01; Updated: 2024-03-01
A potential security vulnerability has been identified in VSS Provider and CAPI Proxy software for certain HPE MSA storage products. This vulnerability could be exploited to gain elevated privilege on the system.
Source: Hewlett Packard Enterprise (HPE)
Max CVSS: 7.3; EPSS Score: 0.04%; Published: 2024-04-15; Updated: 2024-04-15
Unquoted path or search item vulnerability in SugarSync versions prior to 4.1.3 for Windows. This misconfiguration could allow an unauthorized local user to inject arbitrary code into the unquoted service path, resulting in privilege escalation.
Source: Spanish National Cybersecurity Institute, S.A. (INCIBE)
Max CVSS: 7.8; EPSS Score: 0.04%; Published: 2024-05-03; Updated: 2024-05-03
Unquoted Search Path or Element vulnerability in Logitech MEVO WEBCAM APP on Windows allows Local Execution of Code.
Source: Logitech
Max CVSS: 4.4; EPSS Score: 0.04%; Published: 2024-04-23; Updated: 2024-04-23
An unquoted executable path exists in the Rockwell Automation FactoryTalk® Remote Access™ possibly resulting in remote code execution if exploited. While running the FTRA installer package, the executable path is not properly quoted, which could allow a threat actor to enter a malicious executable and run it as a System user. A threat actor needs admin privileges to exploit this vulnerability.
Source: Rockwell Automation
Max CVSS: N/A; EPSS Score: 0.04%; Published: 2024-05-16; Updated: 2024-05-17
A search path or unquoted item vulnerability in Faronics Deep Freeze Server Standard, which affects versions 8.30.020.4627 and earlier. This vulnerability affects the DFServ.exe file. An attacker with local user privileges could exploit this vulnerability to replace the legitimate DFServ.exe service executable with a malicious file of the same name and located in a directory that has a higher priority than the legitimate directory. Thus, when the service starts, it will run the malicious file instead of the legitimate executable, allowing the attacker to execute arbitrary code, gain unauthorized access to the compromised system or stop the service from running.
Source: Spanish National Cybersecurity Institute, S.A. (INCIBE)
Max CVSS: 7.8; EPSS Score: 0.04%; Published: 2024-03-12; Updated: 2024-03-12
Search path or unquoted item vulnerability in HDD Health affecting versions 4.2.0.112 and earlier. This vulnerability could allow a local attacker to store a malicious executable file within the unquoted search path, resulting in privilege escalation.
Source: Spanish National Cybersecurity Institute, S.A. (INCIBE)
Max CVSS: 7.8; EPSS Score: 0.04%; Published: 2024-02-02; Updated: 2024-02-09
Fortect - CWE-428: Unquoted Search Path or Element, may be used by local user to elevate privileges.
Source: Israel National Cyber Directorate
Max CVSS: 7.8; EPSS Score: 0.04%; Published: 2023-09-27; Updated: 2023-09-28
Triangle MicroWorks SCADA Data Gateway GTWWebMonitorService Unquoted Search Path Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute code on affected installations of Triangle MicroWorks SCADA Data Gateway. Although authentication is required to exploit this vulnerability, the existing authentication mechanism can be bypassed. The specific flaw exists within the configuration of the GTWWebMonitorService service. The path to the service executable contains spaces not surrounded by quotations. An attacker can leverage this vulnerability to execute arbitrary code in the context of root. Was ZDI-CAN-20538.
Source: Zero Day Initiative
Max CVSS: 7.2; EPSS Score: 0.05%; Published: 2024-05-03; Updated: 2024-05-03
The PKCS#11 feature in ssh-agent in OpenSSH before 9.3p2 has an insufficiently trustworthy search path, leading to remote code execution if an agent is forwarded to an attacker-controlled system. (Code in /usr/lib is not necessarily safe for loading into ssh-agent.) NOTE: this issue exists because of an incomplete fix for CVE-2016-10009.
Source: MITRE
Max CVSS: 9.8; EPSS Score: 3.00%; Published: 2023-07-20; Updated: 2024-04-04
An unquoted service path vulnerability in HCL AppScan Presence, deployed as a Windows service in HCL AppScan on Cloud (ASoC), may allow a local attacker to gain elevated privileges.
Source: HCL Software
Max CVSS: 7.8; EPSS Score: 0.04%; Published: 2023-10-17; Updated: 2023-10-24
An issue was discovered in OPSWAT MetaDefender KIOSK 4.6.1.9996. It has an unquoted service path that can be abused locally.
Source: MITRE
Max CVSS: 7.8; EPSS Score: 0.04%; Published: 2023-09-15; Updated: 2023-10-03
Unquoted search path in some Intel(R) NUC Kits NUC7i3DN, NUC7i5DN, NUC7i7DN HDMI firmware update tool software before version 1.79.1.1 may allow an authenticated user to potentially enable escalation of privilege via local access.
Source: Intel Corporation
Max CVSS: 7.3; EPSS Score: 0.04%; Published: 2023-11-14; Updated: 2023-11-20
Wondershare Filmora 12 (Build 12.2.1.2088) was discovered to contain an unquoted service path vulnerability via the component NativePushService. This vulnerability allows attackers to launch processes with elevated privileges.
Source: MITRE
Max CVSS: 7.8; EPSS Score: 0.05%; Published: 2023-05-23; Updated: 2023-05-31
Unquoted search path or element in some Intel(R) Arc(TM) Control software before version 1.73.5335.2 may allow an authenticated user to potentially enable escalation of privilege via local access.
Source: Intel Corporation
Max CVSS: 7.3; EPSS Score: 0.04%; Published: 2023-11-14; Updated: 2024-05-16
Uncontrolled search path in some Intel(R) Pathfinder for RISC-V software may allow an authenticated user to potentially enable escalation of privilege via local access.
Source: Intel Corporation
Max CVSS: 7.3; EPSS Score: 0.04%; Published: 2023-05-10; Updated: 2023-05-19
Uncontrolled search path in the WULT software maintained by Intel(R) before version 1.0.0 (commit id 592300b) may allow an unauthenticated user to potentially enable escalation of privilege via network access.
Source: Intel Corporation
Max CVSS: 8.8; EPSS Score: 0.18%; Published: 2023-05-10; Updated: 2023-05-19
ASUS SetupAsusServices v1.0.5.1 in Asus Armoury Crate v5.3.4.0 contains an unquoted service path vulnerability which allows local users to launch processes with elevated privileges.
Source: MITRE
Max CVSS: 7.8; EPSS Score: 0.05%; Published: 2023-07-26; Updated: 2023-08-04
Unquoted search path in the installer for some Intel Server Configuration Utility software before version 16.0.9 may allow an authenticated user to potentially enable escalation of privilege via local access.
Source: Intel Corporation
Max CVSS: 7.8; EPSS Score: 0.04%; Published: 2023-11-14; Updated: 2023-11-28
VX Search v13.8 and v14.7 were discovered to contain an unquoted service path vulnerability which allows attackers to execute arbitrary commands at elevated privileges via a crafted executable file.
Source: MITRE
Max CVSS: 7.8; EPSS Score: 0.04%; Published: 2023-03-16; Updated: 2023-03-22
Dell Multifunction Printer E525w Driver and Software Suite, versions prior to 1.047.2022, A05, contain a local privilege escalation vulnerability that could be exploited by malicious users to compromise the affected system.
Source: Dell
Max CVSS: 7.8; EPSS Score: 0.04%; Published: 2023-02-21; Updated: 2023-03-02
WAB-MAT Ver.5.0.0.8 and earlier starts another program with an unquoted file path. Since a registered Windows service path contains spaces and is unquoted, if a malicious executable is placed on a certain path, the executable may be executed with the privilege of the Windows service.
Source: JPCERT/CC
Max CVSS: 7.3; EPSS Score: 0.04%; Published: 2023-04-11; Updated: 2023-04-18
Unquoted service path in ESET products allows a prepared program to be dropped to a specific location and run on boot with the NT AUTHORITY\NetworkService permissions.
Source: ESET
Max CVSS: 5.5; EPSS Score: 0.04%; Published: 2024-01-31; Updated: 2024-02-09
183 vulnerabilities found