Primary

Context

10-Strike Bandwidth Monitor Unquoted Service Path Vulnerability Allowing Privilege Escalation

Vulnerability

A vulnerability exists in 10-Strike Bandwidth Monitor version 3.9, where multiple services have an unquoted service path. This flaw allows local attackers to escalate privileges by placing a malicious executable in a specific file path. The exploitation of this vulnerability can lead to unauthorized privilege escalation to the SYSTEM level when the service is started.

Impact

Exploitation of this vulnerability allows for local privilege escalation to the SYSTEM account.

Reproduction

The vulnerability can be reproduced by placing a malicious executable in a path that takes advantage of the unquoted service path vulnerability. Once the executable is in place, starting the service will trigger the execution of the malicious payload, leading to privilege escalation.

Added: Jan 29, 2026, 3:25 PM

Updated: Jan 29, 2026, 4:45 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

2.5

exploitability

4.6

remediation

0.0

relevance

2.5

threat

6.4

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

2.5

exploitability

4.6

remediation

0.0

relevance

2.5

threat

6.4

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

10-Strike Bandwidth Monitor Unquoted Service Path Vulnerability Allowing Privilege Escalation

Vulnerability

Impact

Reproduction

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating