VYPR
Unrated severityNVD Advisory· Published Jan 15, 2026· Updated Jan 16, 2026

Brother BRAgent 1.38 - 'WBA_Agent_Client' Unquoted Service Path

CVE-2020-36928

Description

Brother BRAgent 1.38 contains an unquoted service path vulnerability in the WBA_Agent_Client service running with LocalSystem privileges. Attackers can exploit the unquoted path in C:\Program Files (x86)\Brother\BRAgent\ to inject and execute malicious code with elevated system permissions.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • Brother/BRAgentllm-create2 versions
    <=1.38+ 1 more
    • (no CPE)range: <=1.38
    • (no CPE)range: 1.38

Patches

Vulnerability mechanics

References

3

News mentions

0

No linked articles in our index yet.

CVE-2020-36928 · VYPR