Epson EasyMP Network Projection Unquoted Service Path Vulnerability Allowing Arbitrary Code Execution

A vulnerability exists in Epson EasyMP Network Projection version 2.81, specifically within the EMP_NSWLSV service, due to an unquoted service path. This flaw enables local users to potentially execute arbitrary code. The unquoted path can be exploited by injecting malicious code into the application's installation directory, which would then execute with LocalSystem privileges.

Impact

Exploitation of this vulnerability could lead to unauthorized execution of arbitrary code with elevated privileges.

Reproduction

The vulnerability can be reproduced by exploiting the unquoted service path of the EMP_NSWLSV service. After injecting malicious code into the system root path, undetected by the operating system or other security applications, the code could be executed during application startup or reboot, taking advantage of the elevated privileges of the service.