IDT PC Audio Unquoted Service Path Vulnerability Allowing Arbitrary Code Execution
Vulnerability
A vulnerability exists in IDT PC Audio version 1.0.6499.0, where an unquoted service path in the STacSV service can be exploited by local users to execute arbitrary code with elevated privileges. The vulnerability arises because the service path is not enclosed in quotes, allowing for the injection of malicious code that could be executed with LocalSystem permissions during the service's startup.
Impact
Exploitation of this vulnerability could lead to unauthorized execution of code with elevated system privileges, potentially allowing for significant changes to the system or access to sensitive information.
Reproduction
The vulnerability can be reproduced by downloading the IDT PC Audio application version 1.0.6499.0 and overwriting the STacSV64.exe file with a modified version that includes the malicious payload. After replacing the file, the service should be registered again if necessary, and the system can be rebooted to execute the payload with elevated privileges.
Vulnerability Rating
Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.