Primary

Context

Realtek Andrea RT Filters Unquoted Service Path Vulnerability Allowing Arbitrary Code Execution

Vulnerability

A vulnerability exists in Realtek Andrea RT Filters version 1.0.64.7, where an unquoted service path in 'C:\Program Files\IDT\WDM\AESTSr64.exe' could allow local users to execute arbitrary code with elevated privileges. This exploitation could occur during service startup or system reboot.

Impact

Exploitation of this vulnerability could lead to unauthorized execution of code with elevated system privileges.

Reproduction

The vulnerability can be reproduced by creating a malicious executable and placing it in a location that can be accessed during the service startup or system reboot. The unquoted service path allows the injected code to be executed with the application's privileges.

Added: Jan 27, 2026, 7:37 PM

Updated: Jan 27, 2026, 7:37 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

2.5

exploitability

4.2

remediation

0.0

relevance

2.4

threat

6.4

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

2.5

exploitability

4.2

remediation

0.0

relevance

2.4

threat

6.4

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Realtek Andrea RT Filters Unquoted Service Path Vulnerability Allowing Arbitrary Code Execution

Vulnerability

Impact

Reproduction

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating