Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2020-36929

Summary
Assigner-VulnCheck
Assigner Org ID-83251b91-4cc7-4094-a5c7-464a1b83ea10
Published At-15 Jan, 2026 | 23:25
Updated At-16 Jan, 2026 | 16:52
Rejected At-
Credits

Brother BRPrint Auditor 3.0.7 - 'Multiple' Unquoted Service Path

Brother BRPrint Auditor 3.0.7 contains an unquoted service path vulnerability in its Windows service configurations that allows local attackers to potentially execute arbitrary code. Attackers can exploit the unquoted file paths in BrAuSvc and BRPA_Agent services to inject malicious executables and escalate privileges on the system.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
â–¼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:VulnCheck
Assigner Org ID:83251b91-4cc7-4094-a5c7-464a1b83ea10
Published At:15 Jan, 2026 | 23:25
Updated At:16 Jan, 2026 | 16:52
Rejected At:
â–¼CVE Numbering Authority (CNA)
Brother BRPrint Auditor 3.0.7 - 'Multiple' Unquoted Service Path

Brother BRPrint Auditor 3.0.7 contains an unquoted service path vulnerability in its Windows service configurations that allows local attackers to potentially execute arbitrary code. Attackers can exploit the unquoted file paths in BrAuSvc and BRPA_Agent services to inject malicious executables and escalate privileges on the system.

Affected Products
Vendor
Support
Product
Brother BRPrint Auditor
Versions
Affected
  • 3.0.7
Problem Types
TypeCWE IDDescription
CWECWE-428Unquoted Search Path or Element
Type: CWE
CWE ID: CWE-428
Description: Unquoted Search Path or Element
Metrics
VersionBase scoreBase severityVector
4.08.5HIGH
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
3.17.8HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Version: 4.0
Base score: 8.5
Base severity: HIGH
Vector:
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
Version: 3.1
Base score: 7.8
Base severity: HIGH
Vector:
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
finder
Brian Rodriguez
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://www.exploit-db.com/exploits/50005
exploit
https://support.brother.com/g/s/id/common_download/en/auditor_pro3.html?c=be&lang=nl&redirect=on
product
https://support.brother.com/g/s/id/common_download/en/auditor_pro3.html?c=be&lang=fr&redirect=on
product
https://www.vulncheck.com/advisories/brother-brprint-auditor-multiple-unquoted-service-path
third-party-advisory
Hyperlink: https://www.exploit-db.com/exploits/50005
Resource:
exploit
Hyperlink: https://support.brother.com/g/s/id/common_download/en/auditor_pro3.html?c=be&lang=nl&redirect=on
Resource:
product
Hyperlink: https://support.brother.com/g/s/id/common_download/en/auditor_pro3.html?c=be&lang=fr&redirect=on
Resource:
product
Hyperlink: https://www.vulncheck.com/advisories/brother-brprint-auditor-multiple-unquoted-service-path
Resource:
third-party-advisory
â–¼Authorized Data Publishers (ADP)
CISA ADP Vulnrichment
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://www.exploit-db.com/exploits/50005
exploit
Hyperlink: https://www.exploit-db.com/exploits/50005
Resource:
exploit
Information is not available yet
â–¼National Vulnerability Database (NVD)
nvd.nist.gov
Source:disclosure@vulncheck.com
Published At:16 Jan, 2026 | 00:16
Updated At:09 Feb, 2026 | 15:02

Brother BRPrint Auditor 3.0.7 contains an unquoted service path vulnerability in its Windows service configurations that allows local attackers to potentially execute arbitrary code. Attackers can exploit the unquoted file paths in BrAuSvc and BRPA_Agent services to inject malicious executables and escalate privileges on the system.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Secondary4.08.5HIGH
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Secondary3.17.8HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Type: Secondary
Version: 4.0
Base score: 8.5
Base severity: HIGH
Vector:
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Type: Secondary
Version: 3.1
Base score: 7.8
Base severity: HIGH
Vector:
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CPE Matches
Brother Industries, Ltd.
brother
>>brprint_auditor>>3.0.7
cpe:2.3:a:brother:brprint_auditor:3.0.7:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-428Secondarydisclosure@vulncheck.com
CWE ID: CWE-428
Type: Secondary
Source: disclosure@vulncheck.com
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://support.brother.com/g/s/id/common_download/en/auditor_pro3.html?c=be&lang=fr&redirect=ondisclosure@vulncheck.com
Product
https://support.brother.com/g/s/id/common_download/en/auditor_pro3.html?c=be&lang=nl&redirect=ondisclosure@vulncheck.com
Product
https://www.exploit-db.com/exploits/50005disclosure@vulncheck.com
Exploit
Third Party Advisory
https://www.vulncheck.com/advisories/brother-brprint-auditor-multiple-unquoted-service-pathdisclosure@vulncheck.com
Third Party Advisory
https://www.exploit-db.com/exploits/50005134c704f-9b21-4f2e-91b3-4a467353bcc0
Exploit
Third Party Advisory
Hyperlink: https://support.brother.com/g/s/id/common_download/en/auditor_pro3.html?c=be&lang=fr&redirect=on
Source: disclosure@vulncheck.com
Resource:
Product
Hyperlink: https://support.brother.com/g/s/id/common_download/en/auditor_pro3.html?c=be&lang=nl&redirect=on
Source: disclosure@vulncheck.com
Resource:
Product
Hyperlink: https://www.exploit-db.com/exploits/50005
Source: disclosure@vulncheck.com
Resource:
Exploit
Third Party Advisory
Hyperlink: https://www.vulncheck.com/advisories/brother-brprint-auditor-multiple-unquoted-service-path
Source: disclosure@vulncheck.com
Resource:
Third Party Advisory
Hyperlink: https://www.exploit-db.com/exploits/50005
Source: 134c704f-9b21-4f2e-91b3-4a467353bcc0
Resource:
Exploit
Third Party Advisory

Change History

0
Information is not available yet

Similar CVEs

246Records found
CVE-2020-36928
Matching Score-10
Assigner-VulnCheck
ShareView Details
Matching Score-10
Assigner-VulnCheck
CVSS Score-8.5||HIGH
EPSS-0.01% / 1.17%
||
7 Day CHG~0.00%
Published-15 Jan, 2026 | 23:25
Updated-09 Feb, 2026 | 15:04
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Brother BRAgent 1.38 - 'WBA_Agent_Client' Unquoted Service Path

Brother BRAgent 1.38 contains an unquoted service path vulnerability in the WBA_Agent_Client service running with LocalSystem privileges. Attackers can exploit the unquoted path in C:\Program Files (x86)\Brother\BRAgent\ to inject and execute malicious code with elevated system permissions.

Action-Not Available
Vendor-Brother Industries, Ltd.
Product-bragentBrother BRAgent
CWE ID-CWE-428
Unquoted Search Path or Element
CVE-2023-6631
Matching Score-4
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
ShareView Details
Matching Score-4
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
CVSS Score-7.8||HIGH
EPSS-0.10% / 27.16%
||
7 Day CHG+0.02%
Published-08 Jan, 2024 | 19:04
Updated-03 Jun, 2025 | 14:34
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Subnet Solutions Inc. PowerSYSTEM Center Unquoted Search Path or Element

PowerSYSTEM Center versions 2020 Update 16 and prior contain a vulnerability that may allow an authorized local user to insert arbitrary code into the unquoted service path and escalate privileges.

Action-Not Available
Vendor-subnetSubnet Solutions Inc.
Product-powersystem_centerPowerSYSTEM Center
CWE ID-CWE-428
Unquoted Search Path or Element
CVE-2023-54331
Matching Score-4
Assigner-VulnCheck
ShareView Details
Matching Score-4
Assigner-VulnCheck
CVSS Score-8.5||HIGH
EPSS-0.01% / 1.20%
||
7 Day CHG~0.00%
Published-13 Jan, 2026 | 22:52
Updated-02 Feb, 2026 | 16:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Outline 1.6.0 - Unquoted Service Path

Outline 1.6.0 contains an unquoted service path vulnerability that allows local attackers to potentially execute arbitrary code with elevated system privileges. Attackers can exploit the unquoted service path in the OutlineService executable to inject malicious code that will be executed with LocalSystem permissions.

Action-Not Available
Vendor-getoutlineGetoutline
Product-outlineOutline
CWE ID-CWE-428
Unquoted Search Path or Element
CVE-2019-25310
Matching Score-4
Assigner-VulnCheck
ShareView Details
Matching Score-4
Assigner-VulnCheck
CVSS Score-8.5||HIGH
EPSS-Not Assigned
Published-11 Feb, 2026 | 14:56
Updated-11 Feb, 2026 | 21:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
ActiveFax Server 6.92 Build 0316 - 'ActiveFaxServiceNT' Unquoted Service Path

ActiveFax Server 6.92 Build 0316 contains an unquoted service path vulnerability in the ActiveFaxServiceNT service that allows local attackers to potentially execute arbitrary code. Attackers can exploit the unquoted binary path to inject malicious executables that will be launched with elevated administrative privileges.

Action-Not Available
Vendor-Actfax
Product-ActiveFax Server
CWE ID-CWE-428
Unquoted Search Path or Element
CVE-2019-25306
Matching Score-4
Assigner-VulnCheck
ShareView Details
Matching Score-4
Assigner-VulnCheck
CVSS Score-8.5||HIGH
EPSS-Not Assigned
Published-11 Feb, 2026 | 14:56
Updated-11 Feb, 2026 | 21:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
BlackMoon FTP Server 3.1.2.1731 - 'BMFTP-RELEASE' Unquoted Serive Path

BlackMoon FTP Server 3.1.2.1731 contains an unquoted service path vulnerability that allows local users to potentially execute code with elevated system privileges. Attackers can exploit the unquoted binary path in the service configuration to insert malicious code that would execute with LocalSystem account permissions during service startup.

Action-Not Available
Vendor-Blackmoon
Product-BlackMoon FTP Server
CWE ID-CWE-428
Unquoted Search Path or Element
CVE-2019-25307
Matching Score-4
Assigner-VulnCheck
ShareView Details
Matching Score-4
Assigner-VulnCheck
CVSS Score-8.5||HIGH
EPSS-Not Assigned
Published-11 Feb, 2026 | 14:56
Updated-11 Feb, 2026 | 21:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
WorkgroupMail 7.5.1 - 'WorkgroupMail' Unquoted Service Path

WorkgroupMail 7.5.1 contains an unquoted service path vulnerability in its Windows service configuration that allows local attackers to potentially execute arbitrary code. Attackers can exploit the unquoted binary path to inject malicious executables that will be run with LocalSystem privileges during service startup.

Action-Not Available
Vendor-Softalk
Product-WorkgroupMail
CWE ID-CWE-428
Unquoted Search Path or Element
CVE-2019-25308
Matching Score-4
Assigner-VulnCheck
ShareView Details
Matching Score-4
Assigner-VulnCheck
CVSS Score-8.5||HIGH
EPSS-Not Assigned
Published-11 Feb, 2026 | 14:56
Updated-11 Feb, 2026 | 21:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Mikogo 5.2.2.150317 - 'Mikogo-Service' Unquoted Service Path

Mikogo 5.2.2.150317 contains an unquoted service path vulnerability in the Mikogo-Service Windows service configuration. Attackers can exploit the unquoted path to inject and execute malicious code with LocalSystem privileges by placing executable files in specific path locations.

Action-Not Available
Vendor-LiteManager Team
Product-Mikogo
CWE ID-CWE-428
Unquoted Search Path or Element
CVE-2019-25309
Matching Score-4
Assigner-VulnCheck
ShareView Details
Matching Score-4
Assigner-VulnCheck
CVSS Score-8.5||HIGH
EPSS-Not Assigned
Published-11 Feb, 2026 | 14:56
Updated-11 Feb, 2026 | 21:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Zilab Remote Console Server 3.2.9 - 'Zilab Remote Console Server' Unquoted Service Path

Zilab Remote Console Server 3.2.9 contains an unquoted service path vulnerability that allows local attackers to potentially execute arbitrary code with elevated system privileges. Attackers can exploit the unquoted binary path in the service configuration to inject malicious executables that will be run with LocalSystem permissions.

Action-Not Available
Vendor-Zilab Software Inc
Product-Zilab Remote Console Server
CWE ID-CWE-428
Unquoted Search Path or Element
CVE-2023-54338
Matching Score-4
Assigner-VulnCheck
ShareView Details
Matching Score-4
Assigner-VulnCheck
CVSS Score-8.5||HIGH
EPSS-0.01% / 2.79%
||
7 Day CHG~0.00%
Published-13 Jan, 2026 | 22:52
Updated-14 Jan, 2026 | 19:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Tftpd32_SE 4.60 - 'Tftpd32_svc' Unquoted Service Path

Tftpd32 SE 4.60 contains an unquoted service path vulnerability that allows local attackers to potentially execute arbitrary code with elevated privileges. Attackers can exploit the unquoted path in the service configuration to inject malicious executables that will be run with system-level permissions.

Action-Not Available
Vendor-Pjo2
Product-Tftpd32_SE
CWE ID-CWE-428
Unquoted Search Path or Element
CVE-2023-54336
Matching Score-4
Assigner-VulnCheck
ShareView Details
Matching Score-4
Assigner-VulnCheck
CVSS Score-8.5||HIGH
EPSS-0.01% / 2.79%
||
7 Day CHG~0.00%
Published-13 Jan, 2026 | 22:52
Updated-14 Jan, 2026 | 19:18
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Mediconta 3.7.27 - 'servermedicontservice' Unquoted Service Path

Mediconta 3.7.27 contains an unquoted service path vulnerability in the servermedicontservice that allows local users to potentially execute code with elevated privileges. Attackers can exploit the unquoted path in C:\Program Files (x86)\medicont3\ to inject malicious code that would execute with LocalSystem permissions during service startup.

Action-Not Available
Vendor-Infonetsoftware
Product-Mediconta
CWE ID-CWE-428
Unquoted Search Path or Element
CVE-2023-53946
Matching Score-4
Assigner-VulnCheck
ShareView Details
Matching Score-4
Assigner-VulnCheck
CVSS Score-8.5||HIGH
EPSS-0.02% / 3.74%
||
7 Day CHG~0.00%
Published-19 Dec, 2025 | 21:05
Updated-23 Dec, 2025 | 14:52
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Arcsoft PhotoStudio 6.0.0.172 Unquoted Service Path Privilege Escalation

Arcsoft PhotoStudio 6.0.0.172 contains an unquoted service path vulnerability in the ArcSoft Exchange Service that allows local attackers to escalate privileges. Attackers can place a malicious executable in the unquoted path and trigger the service to execute arbitrary code with system-level permissions.

Action-Not Available
Vendor-Arcsoft
Product-PhotoStudio
CWE ID-CWE-428
Unquoted Search Path or Element
CVE-2023-53984
Matching Score-4
Assigner-VulnCheck
ShareView Details
Matching Score-4
Assigner-VulnCheck
CVSS Score-8.5||HIGH
EPSS-0.01% / 1.96%
||
7 Day CHG~0.00%
Published-13 Jan, 2026 | 22:52
Updated-14 Jan, 2026 | 19:18
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
HotKey Clipboard 2.1.0.6 - Privilege Escalation Unquoted Service Path

Clevo HotKey Clipboard 2.1.0.6 contains an unquoted service path vulnerability in the HKClipSvc service that allows local non-privileged users to potentially execute code with system privileges. Attackers can exploit the misconfigured service path to inject and execute arbitrary code by placing malicious executables in specific file system locations.

Action-Not Available
Vendor-clevo
Product-HotKey Clipboard
CWE ID-CWE-428
Unquoted Search Path or Element
CVE-2023-53912
Matching Score-4
Assigner-VulnCheck
ShareView Details
Matching Score-4
Assigner-VulnCheck
CVSS Score-8.5||HIGH
EPSS-0.01% / 2.04%
||
7 Day CHG~0.00%
Published-17 Dec, 2025 | 22:44
Updated-18 Dec, 2025 | 15:07
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
USB Flash Drives Control 4.1.0.0 Unquoted Service Path Privilege Escalation

USB Flash Drives Control 4.1.0.0 contains an unquoted service path vulnerability in its service configuration that allows local attackers to potentially execute arbitrary code. Attackers can exploit the unquoted path in 'C:\Program Files\USB Flash Drives Control\usbcs.exe' to inject malicious executables and escalate privileges on Windows systems.

Action-Not Available
Vendor-BiniSoft
Product-USB Flash Drives Control
CWE ID-CWE-428
Unquoted Search Path or Element
CVE-2023-53947
Matching Score-4
Assigner-VulnCheck
ShareView Details
Matching Score-4
Assigner-VulnCheck
CVSS Score-8.5||HIGH
EPSS-0.01% / 2.73%
||
7 Day CHG~0.00%
Published-19 Dec, 2025 | 21:05
Updated-23 Dec, 2025 | 14:52
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
OCS Inventory NG 2.3.0.0 Unquoted Service Path Privilege Escalation

OCS Inventory NG 2.3.0.0 contains an unquoted service path vulnerability that allows local attackers to escalate privileges to system level. Attackers can place a malicious executable in the unquoted service path and trigger the service restart to execute code with elevated system privileges.

Action-Not Available
Vendor-oscinventory
Product-OCS Inventory NG
CWE ID-CWE-428
Unquoted Search Path or Element
CVE-2023-53954
Matching Score-4
Assigner-VulnCheck
ShareView Details
Matching Score-4
Assigner-VulnCheck
CVSS Score-8.5||HIGH
EPSS-0.01% / 2.50%
||
7 Day CHG~0.00%
Published-19 Dec, 2025 | 21:05
Updated-23 Dec, 2025 | 14:52
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
ActFax 10.10 Unquoted Path Services Privilege Escalation Vulnerability

ActFax 10.10 contains an unquoted service path vulnerability that allows local attackers to potentially escalate privileges by exploiting the ActiveFaxServiceNT service configuration. Attackers with write permissions to Program Files directories can inject a malicious ActSrvNT.exe executable to gain elevated system access when the service restarts.

Action-Not Available
Vendor-Actfax
Product-ActFax
CWE ID-CWE-428
Unquoted Search Path or Element
CVE-2023-53965
Matching Score-4
Assigner-VulnCheck
ShareView Details
Matching Score-4
Assigner-VulnCheck
CVSS Score-8.6||HIGH
EPSS-0.02% / 5.21%
||
7 Day CHG~0.00%
Published-22 Dec, 2025 | 21:35
Updated-29 Jan, 2026 | 16:11
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
SOUND4 Server Service 4.1.102 Local Privilege Escalation via Unquoted Service Path

SOUND4 Server Service 4.1.102 contains an unquoted service path vulnerability that allows local non-privileged users to potentially execute code with elevated system privileges. Attackers can exploit the unquoted binary path by inserting malicious code in the system root path that could execute with LocalSystem privileges during service startup.

Action-Not Available
Vendor-sound4SOUND4 Ltd.
Product-ip_connect_firmwarestream_x2_firmwarevoice_ula8playout_ula8big_voice_firmwarevoice_ula4stream_x8voice_ula8_firmwareimpactfirst_firmwareip_connectpulsestream_x4stream_x8_firmwarewm2firstpulse_ecopulse_firmwarevoice_ula2_firmwareplayout_ula8_firmwarewm2_firmwarestream_x4_firmwarevoice_ula2voice_ula4_firmwarestream_x2impact_firmwarebig_voiceimpact_eco_firmwareimpact_ecopulse_eco_firmwareSOUND4 Server Service
CWE ID-CWE-428
Unquoted Search Path or Element
CVE-2019-25345
Matching Score-4
Assigner-VulnCheck
ShareView Details
Matching Score-4
Assigner-VulnCheck
CVSS Score-8.5||HIGH
EPSS-Not Assigned
Published-12 Feb, 2026 | 19:02
Updated-12 Feb, 2026 | 20:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
RTK IIS Codec Service 6.4.10041.133 - 'RtkI2SCodec' Unquote Service Path

Realtek IIS Codec Service 6.4.10041.133 contains an unquoted service path vulnerability that allows local attackers to potentially execute arbitrary code. Attackers can exploit the unquoted path in the service configuration to inject malicious executables and escalate privileges on the system.

Action-Not Available
Vendor-Realtek Semiconductor Corp.
Product-RTK IIS Codec Service
CWE ID-CWE-428
Unquoted Search Path or Element
CVE-2021-23197
Matching Score-4
Assigner-Gallagher Group Ltd.
ShareView Details
Matching Score-4
Assigner-Gallagher Group Ltd.
CVSS Score-5.2||MEDIUM
EPSS-0.04% / 13.37%
||
7 Day CHG~0.00%
Published-18 Nov, 2021 | 18:01
Updated-16 Sep, 2024 | 18:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unquoted service path vulnerability in the Gallagher Controller Service allows an unprivileged user to execute arbitrary code as the account that runs the Controller Service. This issue affects: Gallagher Command Centre 8.50 versions prior to 8.50.2048 (MR3) ;

Action-Not Available
Vendor-Gallagher Group Ltd.
Product-command_centreCommand Centre
CWE ID-CWE-428
Unquoted Search Path or Element
CVE-2025-10199
Matching Score-4
Assigner-CERT/CC
ShareView Details
Matching Score-4
Assigner-CERT/CC
CVSS Score-7.8||HIGH
EPSS-0.02% / 2.85%
||
7 Day CHG-0.01%
Published-09 Sep, 2025 | 17:30
Updated-03 Nov, 2025 | 19:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
A local privilege escalation vulnerability exists in LizardBytes' Sunshine for Windows

A local privilege escalation vulnerability exists in Sunshine for Windows (version v2025.122.141614 and likely prior versions) due to an unquoted service path.

Action-Not Available
Vendor-lizardbyteLizardByteMicrosoft Corporation
Product-windowssunshineSunshine for Windows
CWE ID-CWE-428
Unquoted Search Path or Element
CVE-2024-8975
Matching Score-4
Assigner-Grafana Labs
ShareView Details
Matching Score-4
Assigner-Grafana Labs
CVSS Score-7.3||HIGH
EPSS-0.07% / 21.87%
||
7 Day CHG~0.00%
Published-25 Sep, 2024 | 16:42
Updated-26 Dec, 2024 | 15:00
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Grafana Alloy on Windows Unquoted service path

Unquoted Search Path or Element vulnerability in Grafana Alloy on Windows allows Privilege Escalation from Local User to SYSTEM This issue affects Alloy: before 1.3.3, from 1.4.0-rc.0 through 1.4.0-rc.1.

Action-Not Available
Vendor-Microsoft CorporationGrafana Labs
Product-windowsalloyAlloyalloy
CWE ID-CWE-428
Unquoted Search Path or Element
CVE-2024-8996
Matching Score-4
Assigner-Grafana Labs
ShareView Details
Matching Score-4
Assigner-Grafana Labs
CVSS Score-7.3||HIGH
EPSS-0.06% / 18.78%
||
7 Day CHG~0.00%
Published-25 Sep, 2024 | 16:45
Updated-01 Oct, 2024 | 19:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Grafana Agent Flow on Windows Unquoted service path

Unquoted Search Path or Element vulnerability in Grafana Agent (Flow mode) on Windows allows Privilege Escalation from Local User to SYSTEM This issue affects Agent Flow: before 0.43.2

Action-Not Available
Vendor-Microsoft CorporationGrafana Labs
Product-windowsagentAgent Flowagent_flow_windows
CWE ID-CWE-428
Unquoted Search Path or Element
CVE-2024-9287
Matching Score-4
Assigner-Python Software Foundation
ShareView Details
Matching Score-4
Assigner-Python Software Foundation
CVSS Score-5.3||MEDIUM
EPSS-0.06% / 19.30%
||
7 Day CHG-0.00%
Published-22 Oct, 2024 | 16:34
Updated-03 Nov, 2025 | 23:17
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Virtual environment (venv) activation scripts don't quote paths

A vulnerability has been found in the CPython `venv` module and CLI where path names provided when creating a virtual environment were not quoted properly, allowing the creator to inject commands into virtual environment "activation" scripts (ie "source venv/bin/activate"). This means that attacker-controlled virtual environments are able to run commands when the virtual environment is activated. Virtual environments which are not created by an attacker or which aren't activated before being used (ie "./venv/bin/python") are not affected.

Action-Not Available
Vendor-Python Software Foundation
Product-pythonCPythoncpython
CWE ID-CWE-428
Unquoted Search Path or Element
CWE ID-CWE-77
Improper Neutralization of Special Elements used in a Command ('Command Injection')
CVE-2024-9325
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-8.5||HIGH
EPSS-0.04% / 13.57%
||
7 Day CHG~0.00%
Published-29 Sep, 2024 | 07:31
Updated-04 Nov, 2024 | 19:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Intelbras InControl incontrol-service-watchdog.exe unquoted search path

A vulnerability classified as critical has been found in Intelbras InControl up to 2.21.56. This affects an unknown part of the file C:\Program Files (x86)\Intelbras\Incontrol Cliente\incontrol_webcam\incontrol-service-watchdog.exe. The manipulation leads to unquoted search path. It is possible to launch the attack on the local host. Upgrading to version 2.21.58 is able to address this issue. It is recommended to upgrade the affected component. The vendor was informed early on 2024-08-05 about this issue. The release of a fixed version 2.21.58 was announced for the end of August 2024 but then was postponed until 2024-09-20.

Action-Not Available
Vendor-intelbrasIntelbrasintelbras
Product-incontrol_webInControlincontrol
CWE ID-CWE-428
Unquoted Search Path or Element
CWE ID-CWE-426
Untrusted Search Path
CVE-2024-58315
Matching Score-4
Assigner-VulnCheck
ShareView Details
Matching Score-4
Assigner-VulnCheck
CVSS Score-8.5||HIGH
EPSS-0.01% / 2.22%
||
7 Day CHG~0.00%
Published-30 Dec, 2025 | 22:41
Updated-16 Jan, 2026 | 19:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Tosibox Key Service 3.3.0 Local Privilege Escalation via Unquoted Service Path

Tosibox Key Service 3.3.0 contains an unquoted service path vulnerability that allows local non-privileged users to potentially execute code with elevated system privileges. Attackers can exploit the service startup process by inserting malicious code in the system root path, enabling unauthorized code execution during application startup or system reboot.

Action-Not Available
Vendor-tosiTosibox OyMicrosoft Corporation
Product-tosibox_keywindowsTosibox Key Service
CWE ID-CWE-428
Unquoted Search Path or Element
CVE-2024-6080
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-8.5||HIGH
EPSS-0.06% / 18.95%
||
7 Day CHG~0.00%
Published-17 Jun, 2024 | 23:00
Updated-04 Nov, 2024 | 19:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Intelbras InControl incontrolWebcam Service unquoted search path

A vulnerability classified as critical was found in Intelbras InControl 2.21.56. This vulnerability affects unknown code of the component incontrolWebcam Service. The manipulation leads to unquoted search path. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used. Upgrading to version 2.21.58 is able to address this issue. It is recommended to upgrade the affected component. The vendor was contacted early about this disclosure and plans to provide a solution within the next few weeks.

Action-Not Available
Vendor-intelbrasIntelbrasintelbras
Product-incontrolInControlincontrol
CWE ID-CWE-428
Unquoted Search Path or Element
CWE ID-CWE-426
Untrusted Search Path
CVE-2022-39959
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.57% / 68.19%
||
7 Day CHG~0.00%
Published-07 Oct, 2022 | 00:00
Updated-03 Aug, 2024 | 12:07
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Panini Everest Engine 2.0.4 allows unprivileged users to create a file named Everest.exe in the %PROGRAMDATA%\Panini folder. This leads to privilege escalation because a service, running as SYSTEM, uses the unquoted path of %PROGRAMDATA%\Panini\Everest Engine\EverestEngine.exe and therefore a Trojan horse %PROGRAMDATA%\Panini\Everest.exe may be executed instead of the intended vendor-supplied EverestEngine.exe file.

Action-Not Available
Vendor-paninin/aMicrosoft Corporation
Product-windowseverest_enginen/a
CWE ID-CWE-428
Unquoted Search Path or Element
CVE-2024-5402
Matching Score-4
Assigner-Asea Brown Boveri Ltd. (ABB)
ShareView Details
Matching Score-4
Assigner-Asea Brown Boveri Ltd. (ABB)
CVSS Score-6.2||MEDIUM
EPSS-0.08% / 24.05%
||
7 Day CHG~0.00%
Published-15 Jul, 2024 | 11:57
Updated-01 Aug, 2024 | 21:11
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Mint Workbench I Unquoted Service Path Enumeration

Unquoted Search Path or Element vulnerability in ABB Mint Workbench. A local attacker who successfully exploited this vulnerability could gain elevated privileges by inserting an executable file in the path of the affected service. This issue affects Mint Workbench I versions: from 5866 before 5868.

Action-Not Available
Vendor-ABB
Product-mint_workbenchMint Workbench Imint_workbench
CWE ID-CWE-428
Unquoted Search Path or Element
CVE-2023-5012
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-5.3||MEDIUM
EPSS-0.04% / 12.30%
||
7 Day CHG~0.00%
Published-16 Sep, 2023 | 20:31
Updated-02 Aug, 2024 | 07:44
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Topaz OFD Protection Module Warsaw core.exe unquoted search path

A vulnerability, which was classified as problematic, was found in Topaz OFD 2.11.0.201. This affects an unknown part of the file C:\Program Files\Topaz OFD\Warsaw\core.exe of the component Protection Module Warsaw. The manipulation leads to unquoted search path. Attacking locally is a requirement. Upgrading to version 2.12.0.259 is able to address this issue. It is recommended to upgrade the affected component. The identifier VDB-239853 was assigned to this vulnerability.

Action-Not Available
Vendor-topazevolutionTopaz
Product-ofdOFD
CWE ID-CWE-428
Unquoted Search Path or Element
CVE-2023-4991
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-7.8||HIGH
EPSS-0.17% / 38.36%
||
7 Day CHG~0.00%
Published-15 Sep, 2023 | 15:31
Updated-25 Sep, 2024 | 15:09
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
NextBX QWAlerter QWAlerter.exe unquoted search path

A vulnerability was found in NextBX QWAlerter 4.50. It has been rated as critical. Affected by this issue is some unknown functionality of the file QWAlerter.exe. The manipulation leads to unquoted search path. It is possible to launch the attack on the local host. The identifier of this vulnerability is VDB-239804. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.

Action-Not Available
Vendor-quescomNextBX
Product-nextbx_qwalerterQWAlerter
CWE ID-CWE-428
Unquoted Search Path or Element
CVE-2020-8327
Matching Score-4
Assigner-Lenovo Group Ltd.
ShareView Details
Matching Score-4
Assigner-Lenovo Group Ltd.
CVSS Score-7.3||HIGH
EPSS-0.10% / 28.62%
||
7 Day CHG~0.00%
Published-14 Apr, 2020 | 21:05
Updated-17 Sep, 2024 | 00:11
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

A privilege escalation vulnerability was reported in LenovoBatteryGaugePackage for Lenovo System Interface Foundation bundled in Lenovo Vantage prior to version 10.2003.10.0 that could allow an authenticated user to execute code with elevated privileges.

Action-Not Available
Vendor-Lenovo Group Limited
Product-vantageVantage
CWE ID-CWE-428
Unquoted Search Path or Element
CWE ID-CWE-269
Improper Privilege Management
CVE-2023-42486
Matching Score-4
Assigner-Israel National Cyber Directorate (INCD)
ShareView Details
Matching Score-4
Assigner-Israel National Cyber Directorate (INCD)
CVSS Score-6.3||MEDIUM
EPSS-0.11% / 29.12%
||
7 Day CHG~0.00%
Published-27 Sep, 2023 | 12:13
Updated-23 Sep, 2024 | 20:07
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Fortect - CWE-428: Unquoted Search Path or Element

Fortect - CWE-428: Unquoted Search Path or Element, may be used by local user to elevate privileges.

Action-Not Available
Vendor-fortectFortect
Product-fortectFortect
CWE ID-CWE-428
Unquoted Search Path or Element
CVE-2024-4461
Matching Score-4
Assigner-Spanish National Cybersecurity Institute, S.A. (INCIBE)
ShareView Details
Matching Score-4
Assigner-Spanish National Cybersecurity Institute, S.A. (INCIBE)
CVSS Score-7.8||HIGH
EPSS-0.03% / 6.82%
||
7 Day CHG~0.00%
Published-03 May, 2024 | 10:52
Updated-01 Aug, 2024 | 20:40
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Unquoted path or search item vulnerability in SugarSync

Unquoted path or search item vulnerability in SugarSync versions prior to 4.1.3 for Windows. This misconfiguration could allow an unauthorized local user to inject arbitrary code into the unquoted service path, resulting in privilege escalation.

Action-Not Available
Vendor-SugarSyncsugarsync
Product-SugarSyncsugarsync
CWE ID-CWE-428
Unquoted Search Path or Element
CVE-2024-43457
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-7.8||HIGH
EPSS-2.81% / 85.81%
||
7 Day CHG~0.00%
Published-10 Sep, 2024 | 16:54
Updated-31 Dec, 2024 | 23:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Windows Setup and Deployment Elevation of Privilege Vulnerability

Windows Setup and Deployment Elevation of Privilege Vulnerability

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_11_24h2Windows 11 Version 24H2
CWE ID-CWE-428
Unquoted Search Path or Element
CVE-2023-3438
Matching Score-4
Assigner-Trellix
ShareView Details
Matching Score-4
Assigner-Trellix
CVSS Score-4.4||MEDIUM
EPSS-0.03% / 8.02%
||
7 Day CHG-0.01%
Published-03 Jul, 2023 | 07:35
Updated-25 Oct, 2024 | 13:07
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An unquoted Windows search path vulnerability existed in the install the MOVE 4.10.x and earlier Windows install service (mvagtsce.exe). The misconfiguration allowed an unauthorized local user to insert arbitrary code into the unquoted service path to obtain privilege escalation and stop antimalware services.

Action-Not Available
Vendor-Musarubra US LLC (Trellix)
Product-moveTrellix Move
CWE ID-CWE-428
Unquoted Search Path or Element
CVE-2020-36980
Matching Score-4
Assigner-VulnCheck
ShareView Details
Matching Score-4
Assigner-VulnCheck
CVSS Score-8.5||HIGH
EPSS-0.01% / 1.62%
||
7 Day CHG~0.00%
Published-27 Jan, 2026 | 18:51
Updated-29 Jan, 2026 | 16:31
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
SAntivirus IC 10.0.21.61 - 'SAntivirusIC' Unquoted Service Path

SAntivirus IC 10.0.21.61 contains an unquoted service path vulnerability in its Windows service configuration that allows local attackers to potentially execute arbitrary code. Attackers can exploit the unquoted executable path to inject malicious files in the service binary path, enabling privilege escalation to system-level permissions.

Action-Not Available
Vendor-Segurazo
Product-SAntivirus IC
CWE ID-CWE-428
Unquoted Search Path or Element
CVE-2020-36930
Matching Score-4
Assigner-VulnCheck
ShareView Details
Matching Score-4
Assigner-VulnCheck
CVSS Score-8.5||HIGH
EPSS-0.01% / 1.44%
||
7 Day CHG-0.00%
Published-15 Jan, 2026 | 23:25
Updated-09 Feb, 2026 | 15:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
SysGauge 7.9.18 - ' SysGauge Server' Unquoted Service Path

SysGauge Server 7.9.18 contains an unquoted service path vulnerability in its binary path configuration that allows local attackers to potentially execute arbitrary code. Attackers can exploit the unquoted path in 'C:\Program Files\SysGauge Server\bin\sysgaus.exe' to inject malicious executables and escalate privileges.

Action-Not Available
Vendor-flexenseSysgauge
Product-sysgaugeSysGauge
CWE ID-CWE-428
Unquoted Search Path or Element
CVE-2020-36977
Matching Score-4
Assigner-VulnCheck
ShareView Details
Matching Score-4
Assigner-VulnCheck
CVSS Score-8.5||HIGH
EPSS-0.01% / 1.98%
||
7 Day CHG~0.00%
Published-27 Jan, 2026 | 18:51
Updated-29 Jan, 2026 | 17:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Wondershare Driver Install Service help 10.7.1.321 - 'ElevationService' Unquote Service Path

Wondershare Driver Install Service contains an unquoted service path vulnerability in the ElevationService executable that allows local attackers to potentially inject malicious code. Attackers can exploit the unquoted path to replace the service binary with a malicious executable, enabling privilege escalation to LocalSystem account.

Action-Not Available
Vendor-Wondershare
Product-Wondershare Driver Install Service help
CWE ID-CWE-428
Unquoted Search Path or Element
CVE-2020-36982
Matching Score-4
Assigner-VulnCheck
ShareView Details
Matching Score-4
Assigner-VulnCheck
CVSS Score-8.5||HIGH
EPSS-0.01% / 0.31%
||
7 Day CHG~0.00%
Published-27 Jan, 2026 | 18:51
Updated-29 Jan, 2026 | 16:31
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Motorola Device Manager 2.5.4 - 'MotoHelperService.exe' Unquoted Service Path

Motorola Device Manager 2.5.4 contains an unquoted service path vulnerability in the MotoHelperService.exe service that allows local users to potentially inject malicious code. Attackers can exploit the unquoted path in the service configuration to execute arbitrary code with elevated system privileges during service startup.

Action-Not Available
Vendor-Motorola-Device-Manager
Product-Motorola Device Manager
CWE ID-CWE-428
Unquoted Search Path or Element
CVE-2020-37016
Matching Score-4
Assigner-VulnCheck
ShareView Details
Matching Score-4
Assigner-VulnCheck
CVSS Score-8.5||HIGH
EPSS-0.01% / 1.96%
||
7 Day CHG~0.00%
Published-29 Jan, 2026 | 14:28
Updated-29 Jan, 2026 | 16:31
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
BarcodeOCR 19.3.6 - 'BarcodeOCR' Unquoted Service Path

BarcodeOCR 19.3.6 contains an unquoted service path vulnerability that allows local attackers to execute code with elevated privileges during system startup. Attackers can exploit the unquoted path in the service configuration to inject malicious executables that will run with LocalSystem privileges.

Action-Not Available
Vendor-Barcode-Ocr
Product-BarcodeOCR
CWE ID-CWE-428
Unquoted Search Path or Element
CVE-2020-36975
Matching Score-4
Assigner-VulnCheck
ShareView Details
Matching Score-4
Assigner-VulnCheck
CVSS Score-8.5||HIGH
EPSS-0.01% / 1.96%
||
7 Day CHG~0.00%
Published-27 Jan, 2026 | 18:51
Updated-29 Jan, 2026 | 17:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
EPSON Status Monitor 3 'EPSON_PM_RPCV4_06' - Unquoted Service Path

EPSON Status Monitor 3 version 8.0 contains an unquoted service path vulnerability that allows local attackers to potentially execute arbitrary code by exploiting the service binary path. Attackers can leverage the unquoted path in 'C:\Program Files\Common Files\EPSON\EPW!3SSRP\E_S60RPB.EXE' to inject malicious executables and escalate privileges.

Action-Not Available
Vendor-SEIKO EPSON Corp
Product-Status Monitor 3
CWE ID-CWE-428
Unquoted Search Path or Element
CVE-2020-37020
Matching Score-4
Assigner-VulnCheck
ShareView Details
Matching Score-4
Assigner-VulnCheck
CVSS Score-8.5||HIGH
EPSS-0.01% / 1.96%
||
7 Day CHG~0.00%
Published-29 Jan, 2026 | 14:28
Updated-29 Jan, 2026 | 16:31
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
SonarQube 8.3.1 - Unquoted Service Path

SonarQube 8.3.1 contains an unquoted service path vulnerability that allows local attackers to gain SYSTEM privileges by exploiting the service executable path. Attackers can replace the wrapper.exe in the service path with a malicious executable to execute code with highest system privileges during service restart.

Action-Not Available
Vendor-Sonarqube
Product-SonarQube
CWE ID-CWE-428
Unquoted Search Path or Element
CVE-2020-37047
Matching Score-4
Assigner-VulnCheck
ShareView Details
Matching Score-4
Assigner-VulnCheck
CVSS Score-8.5||HIGH
EPSS-0.01% / 1.62%
||
7 Day CHG~0.00%
Published-01 Feb, 2026 | 14:38
Updated-03 Feb, 2026 | 16:44
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Deep Instinct Windows Agent 1.2.29.0 - 'DeepMgmtService' Unquoted Service Path

Deep Instinct Windows Agent 1.2.29.0 contains an unquoted service path vulnerability in the DeepMgmtService that allows local users to potentially execute code with elevated privileges. Attackers can exploit the unquoted path in C:\Program Files\HP Sure Sense\DeepMgmtService.exe to inject malicious code that would execute with LocalSystem permissions during service startup.

Action-Not Available
Vendor-Deepinstinct
Product-Deep Instinct Windows Agent
CWE ID-CWE-428
Unquoted Search Path or Element
CVE-2020-36986
Matching Score-4
Assigner-VulnCheck
ShareView Details
Matching Score-4
Assigner-VulnCheck
CVSS Score-8.5||HIGH
EPSS-0.01% / 1.96%
||
7 Day CHG~0.00%
Published-28 Jan, 2026 | 12:28
Updated-29 Jan, 2026 | 16:31
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Prey 1.9.6 - "CronService" Unquoted Service Path

Prey 1.9.6 contains an unquoted service path vulnerability that allows local users to potentially execute code with elevated privileges. Attackers can exploit the unquoted path in the CronService to insert malicious code that would execute during application startup or system reboot.

Action-Not Available
Vendor-Preyproject
Product-Prey
CWE ID-CWE-428
Unquoted Search Path or Element
CVE-2020-36952
Matching Score-4
Assigner-VulnCheck
ShareView Details
Matching Score-4
Assigner-VulnCheck
CVSS Score-8.5||HIGH
EPSS-0.01% / 0.25%
||
7 Day CHG~0.00%
Published-26 Jan, 2026 | 16:00
Updated-27 Jan, 2026 | 14:59
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
IObit Uninstaller 10 Pro - Unquoted Service Path

IObit Uninstaller 10 Pro contains an unquoted service path vulnerability that allows local users to potentially execute code with elevated system privileges. Attackers can exploit the unquoted service path in the IObit Uninstaller Service to insert malicious code that would execute with SYSTEM-level permissions during service startup.

Action-Not Available
Vendor-Iobit
Product-IObit Uninstaller
CWE ID-CWE-428
Unquoted Search Path or Element
CVE-2020-37063
Matching Score-4
Assigner-VulnCheck
ShareView Details
Matching Score-4
Assigner-VulnCheck
CVSS Score-8.5||HIGH
EPSS-0.01% / 1.62%
||
7 Day CHG~0.00%
Published-01 Feb, 2026 | 14:38
Updated-03 Feb, 2026 | 16:44
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
TFTP Turbo 4.6.1273 - 'TFTP Turbo 4' Unquoted Service Path

TFTP Turbo 4.6.1273 contains an unquoted service path vulnerability that allows local attackers to potentially execute arbitrary code with elevated privileges. Attackers can exploit the unquoted path in the service configuration to inject malicious executables that will be launched with LocalSystem permissions.

Action-Not Available
Vendor-Weird-Solutions
Product-TFTP Turbo
CWE ID-CWE-428
Unquoted Search Path or Element
CVE-2020-36935
Matching Score-4
Assigner-VulnCheck
ShareView Details
Matching Score-4
Assigner-VulnCheck
CVSS Score-8.5||HIGH
EPSS-0.01% / 1.96%
||
7 Day CHG~0.00%
Published-25 Jan, 2026 | 14:01
Updated-26 Jan, 2026 | 15:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
KMSpico 17.1.0.0 - 'Service KMSELDI' Unquoted Service Path

KMSpico 17.1.0.0 contains an unquoted service path vulnerability in the Service KMSELDI configuration that allows local attackers to potentially execute arbitrary code. Attackers can exploit the unquoted binary path in C:\Program Files\KMSpico\Service_KMS.exe to inject malicious executables and escalate privileges.

Action-Not Available
Vendor-KMSpico
Product-Service KMSELDI
CWE ID-CWE-428
Unquoted Search Path or Element
CVE-2020-37100
Matching Score-4
Assigner-VulnCheck
ShareView Details
Matching Score-4
Assigner-VulnCheck
CVSS Score-8.5||HIGH
EPSS-0.01% / 1.96%
||
7 Day CHG~0.00%
Published-03 Feb, 2026 | 14:49
Updated-03 Feb, 2026 | 17:06
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Sync Breeze Enterprise 12.4.18 - Unquoted Service Path

Sync Breeze Enterprise 12.4.18 contains an unquoted service path vulnerability that allows local attackers to execute arbitrary code with elevated system privileges. Attackers can exploit the unquoted binary path by placing malicious executables in specific file system locations to hijack the service startup process.

Action-Not Available
Vendor-SyncBreeze
Product-Sync Breeze Enterprise
CWE ID-CWE-428
Unquoted Search Path or Element
CVE-2020-36991
Matching Score-4
Assigner-VulnCheck
ShareView Details
Matching Score-4
Assigner-VulnCheck
CVSS Score-8.5||HIGH
EPSS-0.01% / 1.96%
||
7 Day CHG~0.00%
Published-28 Jan, 2026 | 12:29
Updated-29 Jan, 2026 | 16:31
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
ShareMouse 5.0.43 - 'ShareMouse Service' Unquoted Service Path

ShareMouse 5.0.43 contains an unquoted service path vulnerability that allows local users to potentially execute arbitrary code with elevated system privileges. Attackers can exploit the insecure service path configuration by placing malicious executables in specific system directories to gain elevated access during service startup.

Action-Not Available
Vendor-Sharemouse
Product-ShareMouse
CWE ID-CWE-428
Unquoted Search Path or Element
CVE-2020-36937
Matching Score-4
Assigner-VulnCheck
ShareView Details
Matching Score-4
Assigner-VulnCheck
CVSS Score-8.5||HIGH
EPSS-0.01% / 1.96%
||
7 Day CHG~0.00%
Published-25 Jan, 2026 | 14:01
Updated-26 Jan, 2026 | 16:31
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
MEMU PLAY 3.7.0 - 'MEmusvc' Unquoted Service Path

Microvirt MEMU Play 3.7.0 contains an unquoted service path vulnerability in the MEmusvc Windows service that allows local attackers to potentially execute arbitrary code. Attackers can exploit the unquoted binary path to inject malicious executables that will be run with elevated LocalSystem privileges.

Action-Not Available
Vendor-Microvirt
Product-MEMU PLAY
CWE ID-CWE-428
Unquoted Search Path or Element
CVE-2020-36936
Matching Score-4
Assigner-VulnCheck
ShareView Details
Matching Score-4
Assigner-VulnCheck
CVSS Score-8.5||HIGH
EPSS-0.01% / 1.86%
||
7 Day CHG~0.00%
Published-25 Jan, 2026 | 14:01
Updated-26 Jan, 2026 | 16:44
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Magic Mouse 2 utilities 2.20 - 'magicmouse2service' Unquoted Service Path

Magic Mouse 2 Utilities 2.20 contains an unquoted service path vulnerability in its Windows service configuration. Attackers can exploit the unquoted path to inject malicious executables and gain elevated system privileges by placing a malicious file in the service path.

Action-Not Available
Vendor-Magic Utilities
Product-Magic Mouse 2 utilities
CWE ID-CWE-428
Unquoted Search Path or Element
  • Previous
  • 1
  • 2
  • 3
  • 4
  • 5
  • Next
Details not found