VYPR

CWE-428

Unquoted Search Path or Element

Base · Draft

Description

The product uses a search path that contains an unquoted element, in which the element contains whitespace or other separators. This can cause the product to access resources in a parent path.

If a malicious individual has access to the file system, it is possible to elevate privileges by inserting a file such as "C:\Program.exe", which is then run by a privileged program making use of WinExec.

Hierarchy (View 1000)

Parents

Children

none

CVEs mapped to this weakness (233)

  • CVE-2021-47739 · High · Dec 23, 2025
    risk 0.55 · cvss 8.4 · epss 0.00

    Epic Games Easy Anti-Cheat 4.0 contains an unquoted service path vulnerability that allows local non-privileged users to execute arbitrary code with elevated system privileges. Attackers can exploit the service configuration by inserting malicious code in the system root path…

  • CVE-2022-50688 · High · Dec 22, 2025
    risk 0.55 · cvss 8.4 · epss 0.00

    Cobian Backup Gravity 11.2.0.582 contains an unquoted service path vulnerability that allows local users to potentially execute arbitrary code with elevated system privileges. Attackers can exploit the unquoted service path in the CobianBackup11 service to inject malicious code…

  • CVE-2023-53947 · High · Dec 19, 2025
    risk 0.55 · cvss 8.4 · epss 0.00

    OCS Inventory NG 2.3.0.0 contains an unquoted service path vulnerability that allows local attackers to escalate privileges to system level. Attackers can place a malicious executable in the unquoted service path and trigger the service restart to execute code with elevated…

  • CVE-2023-53946 · High · Dec 19, 2025
    risk 0.55 · cvss 8.4 · epss 0.00

    Arcsoft PhotoStudio 6.0.0.172 contains an unquoted service path vulnerability in the ArcSoft Exchange Service that allows local attackers to escalate privileges. Attackers can place a malicious executable in the unquoted path and trigger the service to execute arbitrary code…

  • CVE-2020-36879 · High · Dec 5, 2025
    risk 0.55 · cvss · epss 0.00

    Flexsense DiskBoss 11.7.28 allows unauthenticated attackers to elevate their privileges using any of its services, enabling remote code execution during startup or reboot with escalated privileges. Attackers can exploit the unquoted service path vulnerability by specifying a…

  • CVE-2025-10714 · High · Nov 11, 2025
    risk 0.55 · cvss 8.4 · epss 0.00

    AXIS Optimizer was vulnerable to an unquoted search path vulnerability, which could potentially lead to privilege escalation within Microsoft Windows operating system. This vulnerability can only be exploited if the attacker has access to the local Windows machine and sufficient…

  • CVE-2018-10619 · High · Jun 7, 2018
    risk 0.54 · cvss 7.8 · epss 0.03

    An unquoted search path or element in RSLinx Classic Versions 3.90.01 and prior and FactoryTalk Linx Gateway Versions 3.90.00 and prior may allow an authorized, but non-privileged local user to execute arbitrary code and allow a threat actor to escalate user privileges on the…

  • CVE-2024-34010 · High · Apr 29, 2024
    risk 0.53 · cvss 8.2 · epss 0.00

    Local privilege escalation due to unquoted search path vulnerability. The following products are affected: Acronis Cyber Protect Cloud Agent (Windows) before build 37758, Acronis Cyber Protect 16 (Windows) before build 38690, Acronis True Image (Windows) before build 42386,…

  • CVE-2021-47974 · High · May 16, 2026
    risk 0.51 · cvss 7.8 · epss 0.00

    VX Search 13.5.28 contains an unquoted service path vulnerability in both VX Search Server and VX Search Enterprise services that allows local attackers to escalate privileges. Attackers can place malicious executables in unquoted path directories like C:\Program Files\VX Search…

  • CVE-2020-37247 · High · May 16, 2026
    risk 0.51 · cvss 7.8 · epss 0.00

    Kite 4.2.0.1 U1 contains an unquoted service path vulnerability in the KiteService Windows service that allows local attackers to escalate privileges by exploiting the service binary path. Attackers can place a malicious executable in the Program Files directory to be executed…

  • CVE-2020-37232 · High · May 16, 2026
    risk 0.51 · cvss 7.8 · epss 0.00

    Advanced System Care Service 13.0.0.157 contains an unquoted service path vulnerability in the AdvancedSystemCareService13 service binary path that allows local attackers to escalate privileges. Attackers can place malicious executables in the system root path that will be…

  • CVE-2020-37231 · High · May 16, 2026
    risk 0.51 · cvss 7.8 · epss 0.00

    Privacy Drive 3.17.0 contains an unquoted service path vulnerability in the pdsvc.exe service binary that allows local attackers to escalate privileges by exploiting the service startup process. Attackers can place malicious executables in the unquoted path directories to…

  • CVE-2020-37230 · High · May 16, 2026
    risk 0.51 · cvss 7.8 · epss 0.00

    Syncplify.me Server! 5.0.37 contains an unquoted service path vulnerability in the SMWebRestServicev5 service that allows local attackers to escalate privileges by exploiting the unquoted binary path. Attackers can insert a malicious executable into the service path and execute…

  • CVE-2020-37229 · High · May 16, 2026
    risk 0.51 · cvss 7.8 · epss 0.00

    OKI sPSV Port Manager 1.0.41 contains an unquoted service path vulnerability in the sPSVOpLclSrv service that allows local attackers to escalate privileges by inserting executable files into the unquoted path. Attackers can place a malicious executable in a directory within the…

  • CVE-2020-37223 · High · May 13, 2026
    risk 0.51 · cvss 7.8 · epss 0.00

    IObit Uninstaller 9.5.0.15 contains an unquoted service path vulnerability in the IObitUnSvr service that allows local attackers to escalate privileges to SYSTEM level. Attackers can place a malicious executable named IObit.exe in the C:\Program Files (x86)\IObit directory and…

  • CVE-2021-47945 · High · May 10, 2026
    risk 0.51 · cvss 7.8 · epss 0.00

    Argus Surveillance DVR 4.0 contains an unquoted service path vulnerability in the DVRWatchdog service that allows local attackers to escalate privileges by exploiting the service binary path. Attackers can place a malicious executable in the Program Files directory to be…

  • CVE-2026-5789 · High · Apr 21, 2026
    risk 0.51 · cvss 7.8 · epss 0.00

    Vulnerability related to an unquoted search path in CivetWeb v1.16. This vulnerability allows a local attacker to execute arbitrary code with elevated privileges by placing a malicious executable in a directory that is scanned before the intended application path (C:\Program…

  • CVE-2016-20061 · High · Apr 4, 2026
    risk 0.51 · cvss 7.8 · epss 0.00

    sheed AntiVirus 2.3 contains an unquoted service path vulnerability in the ShavProt service that allows local attackers to escalate privileges by exploiting the service binary path. Attackers can insert a malicious executable in the unquoted path and trigger service restart or…

  • CVE-2016-20060 · High · Apr 4, 2026
    risk 0.51 · cvss 7.8 · epss 0.00

    Hotspot Shield 6.0.3 contains an unquoted service path vulnerability in the hshld service binary that allows local attackers to escalate privileges by injecting malicious executables. Attackers can place executable files in the service path and upon service restart or system…

  • CVE-2016-20059 · High · Apr 4, 2026
    risk 0.51 · cvss 7.8 · epss 0.00

    IObit Malware Fighter 4.3.1 contains an unquoted service path vulnerability in the IMFservice and LiveUpdateSvc services that allows local attackers to escalate privileges. Attackers can insert a malicious executable file in the unquoted service path and trigger privilege…