Unquoted Service Path | |||
Severity: High | CVSS Score: 7.8 | CWE-ID: CWE-428 | Status: Open |
Vulnerability Description | |||
If the path is not written between quotes and if any folder name in the path has a space in its name windows will append ".exe" and start looking for an executable, starting with the shortest possible path. | |||
CVSS Base Score | |||
Attack Vector | Local | Scope | Changed |
Attack Complexity | Low | Confidentiality Impact | High |
Privileges Required | Low | Integrity Impact | High |
User Interaction | None | Availability Impact | High |
Full details about the vulnerability will be disclosed once the vendor has provided a patch.