Primary

Context

IP Watcher Unquoted Service Path Vulnerability Allowing Arbitrary Code Execution

Vulnerability

A vulnerability exists in IP Watcher version 3.0.0.30 due to an unquoted service path in the Windows service configuration. This flaw allows local attackers to execute arbitrary code by injecting malicious executables into the unquoted binary path. The injected executables are executed with elevated LocalSystem privileges when the service starts.

Impact

Exploitation of this vulnerability could lead to arbitrary code execution with LocalSystem privileges.

Reproduction

The vulnerability can be reproduced by exploiting the unquoted service path of the IPWatcherSvc Windows service. After injecting a malicious executable into the unquoted path, the executable will be executed with elevated privileges when the service is started.

Added: Jan 28, 2026, 1:34 PM

Updated: Jan 28, 2026, 1:34 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

2.5

exploitability

4.2

remediation

0.0

relevance

2.3

threat

6.4

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

2.5

exploitability

4.2

remediation

0.0

relevance

2.3

threat

6.4

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

IP Watcher Unquoted Service Path Vulnerability Allowing Arbitrary Code Execution

Vulnerability

Impact

Reproduction

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating