Описание
Arcsoft PhotoStudio 6.0.0.172 contains an unquoted service path vulnerability in the ArcSoft Exchange Service that allows local attackers to escalate privileges. Attackers can place a malicious executable in the unquoted path and trigger the service to execute arbitrary code with system-level permissions.
EPSS
Процентиль: 4%
0.00018
Низкий
8.4 High
CVSS3
Дефекты
CWE-428
Связанные уязвимости
CVSS3: 8.4
github
около 2 месяцев назад
Arcsoft PhotoStudio 6.0.0.172 contains an unquoted service path vulnerability in the ArcSoft Exchange Service that allows local attackers to escalate privileges. Attackers can place a malicious executable in the unquoted path and trigger the service to execute arbitrary code with system-level permissions.
EPSS
Процентиль: 4%
0.00018
Низкий
8.4 High
CVSS3
Дефекты
CWE-428