Shrew Soft VPN Client
cpe:2.3:a:shrew:vpn_client:*:*:*:*:*:*:*
- <= 2.2.2
A vulnerability exists in Shrew Soft VPN Client version 2.2.2 due to an unquoted service path. This flaw enables local users to execute arbitrary code with elevated system privileges. By placing malicious executables in the unquoted service path, attackers can gain elevated access when the service starts or during a system reboot.
Exploitation of this vulnerability could lead to unauthorized execution of code with elevated privileges, allowing local users to gain higher access rights on the system.
The vulnerability can be reproduced by placing a malicious executable in the system root path, undetected by the operating system or security applications. The executable would then be executed with elevated privileges when the Shrew Soft VPN Client service starts or during a system reboot.
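A defender-side check for the unquoted-path condition described above, added here as an example and not taken from the advisory or from the vendor: it takes service `ImagePath` strings, flags unquoted executable paths that contain spaces, lists the shortened locations to audit for unexpected files, and returns the quoted form. The service names and paths below are constructed samples, not the product's real install path.

```python
import re

# Executable part of an unquoted ImagePath: everything up to the first ".exe"
# that is followed by whitespace or end of string; the remainder is arguments.
_EXE = re.compile(r"^(?P<exe>.*?\.exe)(?P<args>\s.*)?$", re.IGNORECASE)


def audit_image_path(image_path):
    """Return a finding dict for an unquoted path containing spaces, else None."""
    value = image_path.strip()
    if value.startswith('"'):
        return None  # already quoted: the path is unambiguous
    m = _EXE.match(value)
    if not m or " " not in m.group("exe"):
        return None  # no .exe found, or no space in the executable path
    exe, args = m.group("exe"), m.group("args") or ""
    # Each space is a point where the path can be cut short and resolved as
    # "<prefix>.exe"; nothing should exist at any of these locations.
    probes = [exe[:i] + ".exe" for i, ch in enumerate(exe) if ch == " "]
    return {"image_path": value, "audit": probes, "fixed": f'"{exe}"{args}'}


def audit_services(services):
    """Map service name -> finding for every service with an unquoted path."""
    findings = {}
    for name, image_path in services.items():
        finding = audit_image_path(image_path)
        if finding:
            findings[name] = finding
    return findings


# Constructed sample data (hypothetical service names and install paths).
SAMPLE_SERVICES = {
    "ExampleVpnDaemon": r"C:\Program Files\Example Vendor\VPN Client\daemon.exe -service",
    "QuotedService": r'"C:\Program Files\Example Vendor\VPN Client\daemon.exe" -service',
    "NoSpaces": r"C:\Windows\System32\svchost.exe -k netsvcs",
}

if __name__ == "__main__":
    for name, f in audit_services(SAMPLE_SERVICES).items():
        print(f"[!] {name}: {f['image_path']}")
        for path in f["audit"]:
            print(f"    audit for unexpected file: {path}")
        print(f"    quoted form: {f['fixed']}")
```

On a live host the input strings would come from each service's `ImagePath` value; any flagged entry should be re-registered with the quoted form.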