Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2022-31590

Summary
Assigner-sap
Assigner Org ID-e4686d1a-f260-4930-ac4c-2f5c992778dd
Published At-14 Jun, 2022 | 18:39
Updated At-03 Aug, 2024 | 07:19
Rejected At-
Credits

SAP PowerDesigner Proxy - version 16.7, allows an attacker with low privileges and has local access, with the ability to work around system’s root disk access restrictions to Write/Create a program file on system disk root path, which could then be executed with elevated privileges of the application during application start up or reboot, potentially compromising Confidentiality, Integrity and Availability of the system.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:sap
Assigner Org ID:e4686d1a-f260-4930-ac4c-2f5c992778dd
Published At:14 Jun, 2022 | 18:39
Updated At:03 Aug, 2024 | 07:19
Rejected At:
▼CVE Numbering Authority (CNA)

SAP PowerDesigner Proxy - version 16.7, allows an attacker with low privileges and has local access, with the ability to work around system’s root disk access restrictions to Write/Create a program file on system disk root path, which could then be executed with elevated privileges of the application during application start up or reboot, potentially compromising Confidentiality, Integrity and Availability of the system.

Affected Products
Vendor
SAP SESAP SE
Product
SAP PowerDesigner Proxy 16.7
Versions
Affected
  • 16.7
Problem Types
TypeCWE IDDescription
CWECWE-428CWE-428
Type: CWE
CWE ID: CWE-428
Description: CWE-428
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html
x_refsource_MISC
https://launchpad.support.sap.com/#/notes/3197005
x_refsource_MISC
Hyperlink: https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html
Resource:
x_refsource_MISC
Hyperlink: https://launchpad.support.sap.com/#/notes/3197005
Resource:
x_refsource_MISC
▼Authorized Data Publishers (ADP)
CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html
x_refsource_MISC
x_transferred
https://launchpad.support.sap.com/#/notes/3197005
x_refsource_MISC
x_transferred
Hyperlink: https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html
Resource:
x_refsource_MISC
x_transferred
Hyperlink: https://launchpad.support.sap.com/#/notes/3197005
Resource:
x_refsource_MISC
x_transferred
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:cna@sap.com
Published At:14 Jun, 2022 | 19:15
Updated At:24 Jun, 2022 | 17:05

SAP PowerDesigner Proxy - version 16.7, allows an attacker with low privileges and has local access, with the ability to work around system’s root disk access restrictions to Write/Create a program file on system disk root path, which could then be executed with elevated privileges of the application during application start up or reboot, potentially compromising Confidentiality, Integrity and Availability of the system.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary3.17.8HIGH
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Primary2.07.2HIGH
AV:L/AC:L/Au:N/C:C/I:C/A:C
Type: Primary
Version: 3.1
Base score: 7.8
Base severity: HIGH
Vector:
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Type: Primary
Version: 2.0
Base score: 7.2
Base severity: HIGH
Vector:
AV:L/AC:L/Au:N/C:C/I:C/A:C
CPE Matches
SAP SE
sap
>>powerdesigner_proxy>>16.7
cpe:2.3:a:sap:powerdesigner_proxy:16.7:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
NVD-CWE-noinfoPrimarynvd@nist.gov
CWE-428Secondarycna@sap.com
CWE ID: NVD-CWE-noinfo
Type: Primary
Source: nvd@nist.gov
CWE ID: CWE-428
Type: Secondary
Source: cna@sap.com
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://launchpad.support.sap.com/#/notes/3197005cna@sap.com
Permissions Required
Vendor Advisory
https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.htmlcna@sap.com
Vendor Advisory
Hyperlink: https://launchpad.support.sap.com/#/notes/3197005
Source: cna@sap.com
Resource:
Permissions Required
Vendor Advisory
Hyperlink: https://www.sap.com/documents/2022/02/fa865ea4-167e-0010-bca6-c68f7e60039b.html
Source: cna@sap.com
Resource:
Vendor Advisory

Change History

0
Information is not available yet

Similar CVEs

129Records found
CVE-2022-27050
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.05% / 14.00%
||
7 Day CHG~0.00%
Published-31 Mar, 2022 | 22:11
Updated-03 Aug, 2024 | 05:18
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

BitComet Service for Windows before version 1.8.6 contains an unquoted service path vulnerability which allows attackers to escalate privileges to the system level.

Action-Not Available
Vendor-bitcometn/aMicrosoft Corporation
Product-windowsbitcometn/a
CWE ID-CWE-428
Unquoted Search Path or Element
CVE-2022-27095
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.14% / 34.05%
||
7 Day CHG~0.00%
Published-20 May, 2022 | 12:48
Updated-03 Aug, 2024 | 05:18
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

BattlEye v0.9 contains an unquoted service path which allows attackers to escalate privileges to the system level.

Action-Not Available
Vendor-battleyen/a
Product-battleyen/a
CWE ID-CWE-428
Unquoted Search Path or Element
CVE-2022-26634
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.14% / 34.21%
||
7 Day CHG~0.00%
Published-20 May, 2022 | 12:47
Updated-03 Aug, 2024 | 05:11
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

HMA VPN v5.3.5913.0 contains an unquoted service path which allows attackers to escalate privileges to the system level.

Action-Not Available
Vendor-hman/a
Product-hidemyassn/a
CWE ID-CWE-428
Unquoted Search Path or Element
CVE-2018-5470
Matching Score-4
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
ShareView Details
Matching Score-4
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
CVSS Score-7.8||HIGH
EPSS-0.13% / 33.07%
||
7 Day CHG~0.00%
Published-26 Mar, 2018 | 14:00
Updated-16 Sep, 2024 | 23:01
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Philips IntelliSpace Portal all versions of 8.0.x, and 7.0.x have an unquoted search path or element vulnerability that has been identified, which may allow an authorized local user to execute arbitrary code and escalate their level of privileges.

Action-Not Available
Vendor-Philips
Product-intellispace_portalPhilips IntelliSpace Portal
CWE ID-CWE-428
Unquoted Search Path or Element
CWE ID-CWE-426
Untrusted Search Path
CVE-2022-25031
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.04% / 12.63%
||
7 Day CHG~0.00%
Published-03 Mar, 2022 | 14:04
Updated-03 Aug, 2024 | 04:29
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Remote Desktop Commander Suite Agent before v4.8 contains an unquoted service path which allows attackers to escalate privileges to the system level.

Action-Not Available
Vendor-rdpsoftn/a
Product-remote_desktop_commander_suite_agentn/a
CWE ID-CWE-428
Unquoted Search Path or Element
CVE-2024-43457
Matching Score-4
Assigner-Microsoft Corporation
ShareView Details
Matching Score-4
Assigner-Microsoft Corporation
CVSS Score-7.8||HIGH
EPSS-4.55% / 88.76%
||
7 Day CHG~0.00%
Published-10 Sep, 2024 | 16:54
Updated-31 Dec, 2024 | 23:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Windows Setup and Deployment Elevation of Privilege Vulnerability

Windows Setup and Deployment Elevation of Privilege Vulnerability

Action-Not Available
Vendor-Microsoft Corporation
Product-windows_11_24h2Windows 11 Version 24H2
CWE ID-CWE-428
Unquoted Search Path or Element
CVE-2022-2147
Matching Score-4
Assigner-Cloudflare, Inc.
ShareView Details
Matching Score-4
Assigner-Cloudflare, Inc.
CVSS Score-6.5||MEDIUM
EPSS-0.10% / 28.35%
||
7 Day CHG~0.00%
Published-23 Jun, 2022 | 21:00
Updated-03 Aug, 2024 | 00:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Unquoted Service Path in Cloudflare WARP for Windows

Cloudflare Warp for Windows from version 2022.2.95.0 contained an unquoted service path which enables arbitrary code execution leading to privilege escalation. The fix was released in version 2022.3.186.0.

Action-Not Available
Vendor-Cloudflare, Inc.
Product-warpWARP
CWE ID-CWE-428
Unquoted Search Path or Element
CVE-2018-16098
Matching Score-4
Assigner-Lenovo Group Ltd.
ShareView Details
Matching Score-4
Assigner-Lenovo Group Ltd.
CVSS Score-7.8||HIGH
EPSS-0.06% / 16.94%
||
7 Day CHG~0.00%
Published-24 Jan, 2019 | 22:00
Updated-16 Sep, 2024 | 16:32
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

In some Lenovo ThinkPads, an unquoted search path vulnerability was found in various versions of the Synaptics Pointing Device driver which could allow unauthorized code execution as a low privilege user.

Action-Not Available
Vendor-Microsoft CorporationLenovo Group Limited
Product-thinkpad_t420sthinkpad_x1_carbon_firmwarethinkpad_t431sthinkpad_t580_firmwarewindows_8.1thinkpad_w541thinkpad_t530_firmwarethinkpad_x220_tablet_firmwarethinkpad_t570windows_10thinkpad_w541_firmwarethinkpad_w530thinkpad_x280_firmwarethinkpad_t460sthinkpad_t540thinkpad_t550thiankpad_x1_extremethinkpad_x240s_firmwarethinkpad_x1_firmwarethiankpad_p50s_firmwarethiankpad_l530_firmwarethiankpad_p52sthinkpad_w550sthiankpad_x1_extreme_firmwarethiankpad_p51thinkpad_x240sthiankpad_t420thiankpad_t420ithinkpad_t430s_firmwarethinkpad_x220ithinkpad_t470s_firmwarethiankpad_s1_yoga_firmwarethinkpad_x220i_firmwarethinkpad_t440thinkpad_t440_firmwarethiankpad_l530thinkpad_yoga_11ethinkpad_t520ithinkpad_x280thinkpad_t440sthinkpad_x230ithinkpad_t420sithinkpad_x230_tabletthinkpad_twistthiankpad_p70thinkpad_x230i_tabletthinkpad_s230u_firmwarethiankpad_p51sthinkpad_t520i_firmwaresynaptics_thinkpad_ultranav_driverthinkpad_x230thinkpad_x250thinkpad_t440p_firmwarethinkpad_t540pthinkpad_t540_firmwarethinkpad_t540p_firmwarethinkpad_t440s_firmwarethinkpad_t440pthinkpad_t560thinkpad_t530i_firmwarethinkpad_t460s_firmwarethiankpad_p1thinkpad_t470thiankpad_p1_firmwarethinkpad_t560_firmwarethinkpad_x230sthinkpad_t580thinkpad_x1_yoga_firmwarethinkpad_x240thinkpad_x1_yogathinkpad_x240_firmwarethinkpad_t430sthinkpad_x1_carbonthinkpad_x230i_firmwarethinkpad_t570_firmwarethiankpad_s1_yogathiankpad_p70_firmwarethinkpad_t420s_firmwarethinkpad_t520thinkpad_helix_firmwarethinkpad_t430ithinkpad_w530_firmwarethinkpad_x230_firmwarethinkpad_t430i_firmwarethiankpad_p50sthinkpad_x230i_tablet_firmwarethiankpad_p51_firmwarethiankpad_p51s_firmwarethinkpad_x230_tablet_firmwarethinkpad_t420si_firmwarethinkpad_x1thinkpad_t520_firmwarethinkpad_x1_hybridthiankpad_s430thiankpad_p52s_firmwarethinkpad_t550_firmwarethinkpad_w540_firmwarethinkpad_x220thinkpad_t470sthiankpad_t420_firmwarethiankpad_s430_firmwarethiankpad_l430thinkpad_helixthinkpad_w550s_firmwarethinkpad_w540thiankpad_l430_firmwarethinkpad_t530ithinkpad_x230s_firmwarethinkpad_x220_firmwarethinkpad_s230uthinkpad_t431s_firmwarethinkpad_x250_firmwarewindows_7thinkpad_x220_tabletthinkpad_t530thinkpad_x1_hybrid_firmwarethiankpad_t420i_firmwarethinkpad_t470_firmwarethinkpad_yoga_11e_firmwarethinkpad_twist_firmwareVarious ThinkPad products
CWE ID-CWE-428
Unquoted Search Path or Element
CVE-2024-9325
Matching Score-4
Assigner-VulDB
ShareView Details
Matching Score-4
Assigner-VulDB
CVSS Score-8.5||HIGH
EPSS-0.06% / 18.37%
||
7 Day CHG~0.00%
Published-29 Sep, 2024 | 07:31
Updated-04 Nov, 2024 | 19:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Intelbras InControl incontrol-service-watchdog.exe unquoted search path

A vulnerability classified as critical has been found in Intelbras InControl up to 2.21.56. This affects an unknown part of the file C:\Program Files (x86)\Intelbras\Incontrol Cliente\incontrol_webcam\incontrol-service-watchdog.exe. The manipulation leads to unquoted search path. It is possible to launch the attack on the local host. Upgrading to version 2.21.58 is able to address this issue. It is recommended to upgrade the affected component. The vendor was informed early on 2024-08-05 about this issue. The release of a fixed version 2.21.58 was announced for the end of August 2024 but then was postponed until 2024-09-20.

Action-Not Available
Vendor-intelbrasIntelbrasintelbras
Product-incontrol_webInControlincontrol
CWE ID-CWE-428
Unquoted Search Path or Element
CWE ID-CWE-426
Untrusted Search Path
CVE-2021-45819
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-6.4||MEDIUM
EPSS-0.04% / 8.80%
||
7 Day CHG~0.00%
Published-03 Mar, 2022 | 14:04
Updated-04 Aug, 2024 | 04:54
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Wordline HIDCCEMonitorSVC before v5.2.4.3 contains an unquoted service path which allows attackers to escalate privileges to the system level.

Action-Not Available
Vendor-wordlinen/a
Product-hidccemonitorsvcn/a
CWE ID-CWE-428
Unquoted Search Path or Element
CVE-2021-46368
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.10% / 27.30%
||
7 Day CHG~0.00%
Published-17 Feb, 2022 | 11:23
Updated-04 Aug, 2024 | 05:02
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

TRIGONE Remote System Monitor 3.61 is vulnerable to an unquoted path service allowing local users to launch processes with elevated privileges.

Action-Not Available
Vendor-trigonesoftn/a
Product-remote_system_monitorn/a
CWE ID-CWE-428
Unquoted Search Path or Element
CVE-2021-43455
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.13% / 33.59%
||
7 Day CHG~0.00%
Published-04 Apr, 2022 | 14:23
Updated-04 Aug, 2024 | 03:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An Unquoted Service Path vulnerability exists in FreeLAN 2.2 via a specially crafted file in the FreeLAN Service path.

Action-Not Available
Vendor-freelann/a
Product-freelann/a
CWE ID-CWE-428
Unquoted Search Path or Element
CVE-2024-8975
Matching Score-4
Assigner-Grafana Labs
ShareView Details
Matching Score-4
Assigner-Grafana Labs
CVSS Score-7.3||HIGH
EPSS-0.01% / 1.51%
||
7 Day CHG~0.00%
Published-25 Sep, 2024 | 16:42
Updated-26 Dec, 2024 | 15:00
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Grafana Alloy on Windows Unquoted service path

Unquoted Search Path or Element vulnerability in Grafana Alloy on Windows allows Privilege Escalation from Local User to SYSTEM This issue affects Alloy: before 1.3.3, from 1.4.0-rc.0 through 1.4.0-rc.1.

Action-Not Available
Vendor-Microsoft CorporationGrafana Labs
Product-windowsalloyAlloyalloy
CWE ID-CWE-428
Unquoted Search Path or Element
CVE-2021-43456
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.16% / 37.21%
||
7 Day CHG~0.00%
Published-04 Apr, 2022 | 14:37
Updated-04 Aug, 2024 | 03:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An Unquoted Service Path vulnerablility exists in Rumble Mail Server 0.51.3135 via via a specially crafted file in the RumbleService executable service path.

Action-Not Available
Vendor-rumble_mail_server_projectn/a
Product-rumble_mail_servern/a
CWE ID-CWE-428
Unquoted Search Path or Element
CVE-2021-42563
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.05% / 15.50%
||
7 Day CHG~0.00%
Published-12 Nov, 2021 | 20:48
Updated-04 Aug, 2024 | 03:38
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

There is an Unquoted Service Path in NI Service Locator (nisvcloc.exe) in versions prior to 18.0 on Windows. This may allow an authorized local user to insert arbitrary code into the unquoted service path and escalate privileges.

Action-Not Available
Vendor-nin/aMicrosoft Corporation
Product-windowsni_service_locatorn/a
CWE ID-CWE-428
Unquoted Search Path or Element
CVE-2021-43460
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.10% / 29.04%
||
7 Day CHG~0.00%
Published-04 Apr, 2022 | 15:29
Updated-04 Aug, 2024 | 03:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An Unquoted Service Path vulnerability exists in System Explorer 7.0.0 via via a specially crafted file in the SystemExplorerHelpService service executable path.

Action-Not Available
Vendor-systemexplorern/a
Product-system_explorern/a
CWE ID-CWE-428
Unquoted Search Path or Element
CVE-2021-43457
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.08% / 24.06%
||
7 Day CHG~0.00%
Published-04 Apr, 2022 | 14:45
Updated-04 Aug, 2024 | 03:55
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An Unquoted Service Path vulnerability exists in bVPN 2.5.1 via a specially crafted file in the waselvpnserv service path.

Action-Not Available
Vendor-bvpnn/a
Product-bvpnn/a
CWE ID-CWE-428
Unquoted Search Path or Element
CVE-2017-6015
Matching Score-4
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
ShareView Details
Matching Score-4
Assigner-Cybersecurity and Infrastructure Security Agency (CISA) Industrial Control Systems (ICS)
CVSS Score-7.8||HIGH
EPSS-0.05% / 16.52%
||
7 Day CHG~0.00%
Published-11 May, 2018 | 13:00
Updated-16 Sep, 2024 | 21:07
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Without quotation marks, any whitespace in the file path for Rockwell Automation FactoryTalk Activation version 4.00.02 remains ambiguous, which may allow an attacker to link to or run a malicious executable. This may allow an authorized, but not privileged local user to execute arbitrary code with elevated privileges on the system. CVSS v3 base score: 8.8, CVSS vector string: (AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H). Rockwell Automation has released a new version of FactoryTalk Activation, Version 4.01, which addresses the identified vulnerability. Rockwell Automation recommends upgrading to the latest version of FactoryTalk Activation, Version 4.01 or later.

Action-Not Available
Vendor-Rockwell Automation, Inc.
Product-factorytalk_activationFactoryTalk Activation
CWE ID-CWE-428
Unquoted Search Path or Element
CWE ID-CWE-74
Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')
CVE-2017-3141
Matching Score-4
Assigner-Internet Systems Consortium (ISC)
ShareView Details
Matching Score-4
Assigner-Internet Systems Consortium (ISC)
CVSS Score-7.2||HIGH
EPSS-2.55% / 84.91%
||
7 Day CHG~0.00%
Published-16 Jan, 2019 | 20:00
Updated-16 Sep, 2024 | 17:23
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Windows service and uninstall paths are not quoted when BIND is installed

The BIND installer on Windows uses an unquoted service path which can enable a local user to achieve privilege escalation if the host file system permissions allow this. Affects BIND 9.2.6-P2->9.2.9, 9.3.2-P1->9.3.6, 9.4.0->9.8.8, 9.9.0->9.9.10, 9.10.0->9.10.5, 9.11.0->9.11.1, 9.9.3-S1->9.9.10-S1, 9.10.5-S1.

Action-Not Available
Vendor-Internet Systems Consortium, Inc.
Product-bindBIND 9
CWE ID-CWE-428
Unquoted Search Path or Element
CVE-2017-3751
Matching Score-4
Assigner-Lenovo Group Ltd.
ShareView Details
Matching Score-4
Assigner-Lenovo Group Ltd.
CVSS Score-7.8||HIGH
EPSS-0.04% / 11.47%
||
7 Day CHG~0.00%
Published-10 Aug, 2017 | 00:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An unquoted service path vulnerability was identified in the driver for the ThinkPad Compact USB Keyboard with TrackPoint versions earlier than 1.5.5.0. This could allow an attacker with local privileges to execute code with administrative privileges.

Action-Not Available
Vendor-Lenovo Group Limited
Product-thinkpad_compact_usb_keyboard_driverThinkPad Compact USB Keyboard with TrackPoint Driver
CWE ID-CWE-428
Unquoted Search Path or Element
CVE-2017-3757
Matching Score-4
Assigner-Lenovo Group Ltd.
ShareView Details
Matching Score-4
Assigner-Lenovo Group Ltd.
CVSS Score-7.8||HIGH
EPSS-0.04% / 11.47%
||
7 Day CHG~0.00%
Published-28 Aug, 2017 | 20:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An unquoted service path vulnerability was identified in the driver for the ElanTech Touchpad, various versions, used on some Lenovo brand notebooks (not ThinkPads). This could allow an attacker with local privileges to execute code with administrative privileges.

Action-Not Available
Vendor-ELAN Microelectronics CorporationLenovo Group Limited
Product-elan_touchpad_driverLenovo ElanTech Touchpad driver
CWE ID-CWE-428
Unquoted Search Path or Element
CVE-2017-3005
Matching Score-4
Assigner-Adobe Systems Incorporated
ShareView Details
Matching Score-4
Assigner-Adobe Systems Incorporated
CVSS Score-7.8||HIGH
EPSS-0.39% / 59.34%
||
7 Day CHG~0.00%
Published-12 Apr, 2017 | 14:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Adobe Photoshop versions CC 2017 (18.0.1) and earlier, CC 2015.5.1 (17.0.1) and earlier have an unquoted search path vulnerability.

Action-Not Available
Vendor-n/aAdobe Inc.Microsoft Corporation
Product-windowsphotoshop_ccAdobe Photoshop CC 2017 (18.0.1) and earlier, CC 2015.5.1 (17.0.1) and earlier.
CWE ID-CWE-428
Unquoted Search Path or Element
CVE-2021-31776
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.05% / 14.12%
||
7 Day CHG~0.00%
Published-29 Apr, 2021 | 00:03
Updated-03 Aug, 2024 | 23:03
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Aviatrix VPN Client before 2.14.14 on Windows has an unquoted search path that enables local privilege escalation to the SYSTEM user, if the machine is misconfigured to allow unprivileged users to write to directories that are supposed to be restricted to administrators.

Action-Not Available
Vendor-n/aMicrosoft CorporationAviatrix Systems, Inc.
Product-windowsvpn_clientn/a
CWE ID-CWE-428
Unquoted Search Path or Element
CVE-2017-15383
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.05% / 14.59%
||
7 Day CHG~0.00%
Published-16 Oct, 2017 | 17:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Nero 7.10.1.0 has an unquoted BINARY_PATH_NAME for NBService, exploitable via a Trojan horse Nero.exe file in the %PROGRAMFILES(x86)%\Nero directory.

Action-Not Available
Vendor-neron/a
Product-neron/a
CWE ID-CWE-428
Unquoted Search Path or Element
CVE-2022-38101
Matching Score-4
Assigner-Intel Corporation
ShareView Details
Matching Score-4
Assigner-Intel Corporation
CVSS Score-6.7||MEDIUM
EPSS-0.07% / 22.05%
||
7 Day CHG~0.00%
Published-10 May, 2023 | 13:17
Updated-24 Jan, 2025 | 17:44
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Uncontrolled search path in some Intel(R) NUC Chaco Canyon BIOS update software before version iFlashV Windows 5.13.00.2105 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-iflashvnuc_board_nuc8cchbnuc_8_rugged_kit_nuc8cchkrIntel(R) NUC Chaco Canyon BIOS update software
CWE ID-CWE-427
Uncontrolled Search Path Element
CWE ID-CWE-428
Unquoted Search Path or Element
CVE-2022-35899
Matching Score-4
Assigner-MITRE Corporation
ShareView Details
Matching Score-4
Assigner-MITRE Corporation
CVSS Score-7.8||HIGH
EPSS-0.59% / 68.28%
||
7 Day CHG~0.00%
Published-21 Jul, 2022 | 16:14
Updated-03 Aug, 2024 | 09:44
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

There is an unquoted service path in ASUSTeK Aura Ready Game SDK service (GameSDK.exe) 1.0.0.4. This might allow a local user to escalate privileges by creating a %PROGRAMFILES(X86)%\ASUS\GameSDK.exe file.

Action-Not Available
Vendor-n/aMicrosoft CorporationASUS (ASUSTeK Computer Inc.)
Product-windowsaura_ready_game_software_development_kitn/a
CWE ID-CWE-428
Unquoted Search Path or Element
CVE-2021-33095
Matching Score-4
Assigner-Intel Corporation
ShareView Details
Matching Score-4
Assigner-Intel Corporation
CVSS Score-7.8||HIGH
EPSS-0.05% / 15.82%
||
7 Day CHG~0.00%
Published-17 Nov, 2021 | 18:52
Updated-03 Aug, 2024 | 23:42
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Unquoted search path in the installer for the Intel(R) NUC M15 Laptop Kit Keyboard LED Service driver pack before version 1.0.0.4 may allow an authenticated user to potentially enable escalation of privilege via local access.

Action-Not Available
Vendor-n/aIntel Corporation
Product-nuc_m15_laptop_kit_keyboard_led_service_driver_packnuc_m15_laptop_kit_lapbc710nuc_m15_laptop_kit_lapbc510Intel(R) NUC M15 Laptop Kit Keyboard LED Service driver pack
CWE ID-CWE-428
Unquoted Search Path or Element
CVE-2024-8996
Matching Score-4
Assigner-Grafana Labs
ShareView Details
Matching Score-4
Assigner-Grafana Labs
CVSS Score-7.3||HIGH
EPSS-0.03% / 7.63%
||
7 Day CHG~0.00%
Published-25 Sep, 2024 | 16:45
Updated-01 Oct, 2024 | 19:16
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Grafana Agent Flow on Windows Unquoted service path

Unquoted Search Path or Element vulnerability in Grafana Agent (Flow mode) on Windows allows Privilege Escalation from Local User to SYSTEM This issue affects Agent Flow: before 0.43.2

Action-Not Available
Vendor-Microsoft CorporationGrafana Labs
Product-windowsagentAgent Flowagent_flow_windows
CWE ID-CWE-428
Unquoted Search Path or Element
CVE-2020-35152
Matching Score-4
Assigner-Cloudflare, Inc.
ShareView Details
Matching Score-4
Assigner-Cloudflare, Inc.
CVSS Score-4.5||MEDIUM
EPSS-0.05% / 16.77%
||
7 Day CHG~0.00%
Published-02 Feb, 2021 | 23:35
Updated-16 Sep, 2024 | 22:25
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Privilege escalation through unquoted service binary path on Cloudflare WARP for Windows

Cloudflare WARP for Windows allows privilege escalation due to an unquoted service path. A malicious user or process running with non-administrative privileges can become an administrator by abusing the unquoted service path issue. Since version 1.2.2695.1, the vulnerability was fixed by adding quotes around the service's binary path. This issue affects Cloudflare WARP for Windows, versions prior to 1.2.2695.1.

Action-Not Available
Vendor-Cloudflare, Inc.
Product-warpCloudflare WARP for Windows
CWE ID-CWE-428
Unquoted Search Path or Element
  • Previous
  • 1
  • 2
  • 3
  • Next
Details not found