High severity8.4NVD Advisory· Published Dec 19, 2025· Updated Apr 15, 2026

CVE-2023-53949

Description

AspEmail 5.6.0.2 contains a binary permission vulnerability that allows local users to escalate privileges through the Persits Software EmailAgent service. Attackers can exploit full write permissions in the BIN directory to replace the service executable and gain elevated system access.

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.aspemail.comnvd
www.exploit-db.com/exploits/51380nvd
www.vulncheck.com/advisories/aspemail-local-privilege-escalation-via-binary-permission-vulnerabilitynvd

News mentions

No linked articles in our index yet.

cvss	0.546
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000