Primary

Context

PDF Complete Unquoted Service Path Vulnerability in pdfsvc.exe

Vulnerability

A vulnerability exists in PDF Complete version 3.5.310.2002, specifically within the pdfsvc.exe service. The issue arises from an unquoted service path, which allows attackers to inject and execute malicious code with elevated LocalSystem privileges.

Impact

Exploitation of this vulnerability could lead to unauthorized code execution with LocalSystem privileges.

Reproduction

The vulnerability can be reproduced by exploiting the unquoted service path of the pdfsvc.exe service. This can be done by injecting a malicious payload into the service path, which is not properly quoted, allowing the payload to be executed with elevated privileges.

Added: Jan 26, 2026, 6:53 PM

Updated: Jan 26, 2026, 6:53 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

10.0

exploitability

4.2

remediation

0.0

relevance

2.3

threat

6.4

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

10.0

exploitability

4.2

remediation

0.0

relevance

2.3

threat

6.4

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

PDF Complete Unquoted Service Path Vulnerability in pdfsvc.exe

Vulnerability

Impact

Reproduction

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating