KMSpico Unquoted Service Path Vulnerability in Service KMSELDI Allowing Privilege Escalation

Vulnerability

A vulnerability exists in KMSpico version 17.1.0.0 in the configuration of the Windows service 'Service KMSELDI'. The service's binary path, C:\Program Files\KMSpico\Service_KMS.exe, is registered without surrounding quotes even though it contains a space. When the Service Control Manager starts the service, Windows resolves an unquoted path by trying each space-delimited prefix with '.exe' appended before it tries the full path, so here it looks for C:\Program.exe before C:\Program Files\KMSpico\Service_KMS.exe. A local attacker who can place an executable at that earlier candidate path gets it run with the service's privileges in place of the legitimate binary.

Impact

Exploitation of this vulnerability could lead to unauthorized execution of code with elevated privileges on the affected system.

Reproduction

To reproduce, place an executable at a path that Windows will try before the real service binary. For the path registered by 'Service KMSELDI' the only such candidate is C:\Program.exe, because the remaining path components (KMSpico and Service_KMS.exe) contain no spaces. Once the file is in place, start or restart the service, or wait for a reboot if the service starts automatically; the planted executable then runs with the service's privileges instead of Service_KMS.exe. Two practical caveats apply: on a default Windows installation, standard users cannot create files directly in the root of the system drive, so planting C:\Program.exe requires write access to C:\ that is not granted by default; and the attacker needs a way to get the service restarted, either the right to start it or a reboot. The fix is to quote the executable path in the service's ImagePath value so that it is resolved as a single token.
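The resolution rule behind this class of bug is easy to get wrong by hand, so the following added example (written for this advisory, not KMSpico's or the original author's code) models how an unquoted ImagePath is split into candidate executables, lists the hijack points an attacker could plant, and produces the quoted ImagePath and the matching sc.exe command for the fix. Only the 'Service KMSELDI' path comes from the advisory; the other service entries are constructed, and the model assumes environment variables in ImagePath have already been expanded and that the intended binary is the first prefix ending in '.exe'.

```python
"""Model of how Windows resolves an unquoted service ImagePath, plus an
offline audit of service entries for the hijack points that creates.

Added example for the advisory, not KMSpico's code. The only real value is
the 'Service KMSELDI' path quoted in the advisory; the other entries are
constructed for illustration.
"""
from __future__ import annotations

import ntpath
from dataclasses import dataclass


@dataclass(frozen=True)
class ServiceEntry:
    name: str        # service key name under HKLM\SYSTEM\CurrentControlSet\Services
    image_path: str  # raw ImagePath value (assumption: env variables already expanded)


def _has_extension(path: str) -> bool:
    """True if the last path component carries a file extension."""
    return ntpath.splitext(ntpath.basename(path))[1] != ""


def candidate_executables(image_path: str) -> list[str]:
    """Paths CreateProcess tries, in order, until one exists.

    A quoted ImagePath yields exactly one candidate. An unquoted one is
    resolved by trying successively longer space-delimited prefixes, with
    ".exe" appended when the prefix has no extension. The model stops at the
    first prefix that already ends in ".exe" (assumption: that is the intended
    binary and anything after it is arguments).
    """
    s = image_path.strip()
    if s.startswith('"'):
        end = s.find('"', 1)
        return [s[1:end]] if end > 1 else []
    tokens = s.split(" ")
    candidates: list[str] = []
    for i in range(1, len(tokens) + 1):
        prefix = " ".join(tokens[:i])
        if prefix.lower().endswith(".exe"):
            candidates.append(prefix)
            break
        candidates.append(prefix if _has_extension(prefix) else prefix + ".exe")
    return candidates


def hijack_candidates(image_path: str) -> list[str]:
    """Every path tried before the real binary: a file planted there wins."""
    return candidate_executables(image_path)[:-1]


def quoted_fix(image_path: str) -> str:
    """ImagePath with the executable quoted and any arguments left intact."""
    s = image_path.strip()
    if s.startswith('"'):
        return s
    exe = candidate_executables(s)[-1]
    # If the model appended ".exe", strip it again to recover the raw prefix.
    raw = exe if s.startswith(exe) else exe[: -len(".exe")]
    return f'"{raw}"{s[len(raw):]}'


def sc_config_command(entry: ServiceEntry) -> str:
    """sc.exe command that rewrites the service binPath with quotes.

    sc.exe requires a space after 'binPath=' and escaped inner quotes.
    """
    escaped = quoted_fix(entry.image_path).replace('"', '\\"')
    return f'sc config "{entry.name}" binPath= "{escaped}"'


def audit(entries) -> dict[str, list[str]]:
    """Map each vulnerable service name to the paths an attacker could plant."""
    return {e.name: hijack_candidates(e.image_path)
            for e in entries if hijack_candidates(e.image_path)}


SAMPLE_SERVICES = [
    # From the advisory: unquoted path containing a space.
    ServiceEntry("Service KMSELDI", r"C:\Program Files\KMSpico\Service_KMS.exe"),
    # Constructed: quoted, so not affected.
    ServiceEntry("ExampleQuoted", r'"C:\Program Files\Example Vendor\svc.exe" -run'),
    # Constructed: unquoted, but no space before the executable ends, so not affected.
    ServiceEntry("ExampleNoSpace", r"C:\Windows\System32\svchost.exe -k netsvcs"),
    # Constructed: unquoted with two spaces before the executable ends, two hijack points.
    ServiceEntry("ExampleArgs", r"C:\Program Files\Example Vendor\agent.exe --service"),
]


if __name__ == "__main__":
    for name, paths in audit(SAMPLE_SERVICES).items():
        print(f"{name}: an attacker could plant any of {paths}")
    for e in SAMPLE_SERVICES:
        if hijack_candidates(e.image_path):
            print(sc_config_command(e))
```

On a real host, feed audit() the ImagePath values read from the registry (for example with reg query or Get-ItemProperty) and then check the directory ACL of each reported hijack candidate's parent folder: a candidate is only exploitable when the attacker can create a file there, which for C:\Program.exe means write access to the root of the system drive. The model does not touch the filesystem, so it cannot tell which candidate actually exists; it only reports what Windows would try.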

Added: Jan 25, 2026, 2:19 PM
Updated: Jan 25, 2026, 2:19 PM

Vulnerability Rating

Custom Algorithm
spread: 0.0
impact: 10.0
exploitability: 4.2
remediation: 0.0
relevance: 2.4
threat: 6.4
urgency: 2.9
incentive: 0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.