CVE-2021-45460

HIGH Year: 2021
CVSS v3 Score
8.1
High
CVSS v2 Score
5.5
Medium
Weakness Type
CWE-428
View all →

Vulnerability Description

A vulnerability has been identified in SICAM PQ Analyzer (All versions < V3.18). A service is started by an unquoted registry entry. As there are spaces in this path, attackers with write privilege to those directories might be able to plant executables that will run in place of the legitimate process. Attackers might achieve persistence on the system ("backdoors") or cause a denial of service.

Related Vulnerabilities

CVE-2024-34010

HIGH
CVSS:8.2(High)

Local privilege escalation due to unquoted search path vulnerability. The following products are affected: Acronis Cyber Protect Cloud Agent (Windows) before build 37758, Acronis Cyber Protect 16 (Win...

CWE-4282024

CVE-2016-15003

HIGH
CVSS:7.8(High)

A vulnerability has been found in FileZilla Client 3.17.0.0 and classified as problematic. This vulnerability affects unknown code of the file C:\Program Files\FileZilla FTP Client\uninstall.exe of th...

CWE-4282016

CVE-2016-6935

HIGH
CVSS:7.8(High)

Unquoted Windows search path vulnerability in Adobe Creative Cloud Desktop Application before 3.8.0.310 on Windows allows local users to gain privileges via a Trojan horse executable file in the %SYST...

CWE-4282016

CVE-2016-8225

HIGH
CVSS:7.8(High)

Unquoted service path vulnerability in Lenovo Edge and Lenovo Slim USB Keyboard Driver versions earlier than 1.21 allows local users to execute code with elevated privileges.

CWE-4282016

CVE-2017-1000475

HIGH
CVSS:7.8(High)

FreeSSHd 1.3.1 version is vulnerable to an Unquoted Path Service allowing local users to launch processes with elevated privileges.

CWE-4282017

CVE-2017-11672

HIGH
CVSS:7.8(High)

The OPC Foundation Local Discovery Server (LDS) before 1.03.367 is installed as a Windows Service without adding double quotes around the opcualds.exe executable path, which might allow local users to...

CWE-4282017