Adaware Web Companion Unquoted Service Path Vulnerability in WCAssistantService Allowing Arbitrary Code Execution
Vulnerability
A vulnerability exists in Adaware Web Companion version 4.9.2159 within the WCAssistantService, where an unquoted service path allows local attackers to execute arbitrary code. Exploitation involves injecting malicious executables into the unquoted binary path, which are then executed with LocalSystem privileges when the service starts.
Impact
Exploitation of this vulnerability could lead to unauthorized execution of arbitrary code with LocalSystem privileges.
Reproduction
The vulnerability can be reproduced by injecting a malicious executable into the unquoted service path of the WCAssistantService. This can be done with a tool or script that targets unquoted service paths; for example, the Windows 'sc' command can query the service configuration to identify the unquoted path. Once the path is confirmed, the injected executable is executed with LocalSystem privileges when the service is started.
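The same configuration check can be run defensively across every service on a host. The PowerShell below is an added example, not code from the advisory or from Adaware; the function names and the sample paths are constructed for illustration, and it assumes service binaries end in .exe.

```powershell
# Added example: defensive audit for unquoted service image paths.
# Function names and sample paths are constructed for illustration.

function Test-UnquotedServicePath {
    param([Parameter(Mandatory)][string]$ImagePath)

    $path = $ImagePath.Trim()
    # A path that begins with a quote is parsed unambiguously.
    if ($path.StartsWith('"')) { return $false }
    # Isolate the executable portion so spaces in arguments are ignored.
    if ($path -notmatch '^(.+?\.exe)(\s|$)') { return $false }
    # Only a space inside the executable path itself makes it ambiguous.
    return $Matches[1].Contains(' ')
}

function Get-QuotedImagePath {
    param([Parameter(Mandatory)][string]$ImagePath)

    $path = $ImagePath.Trim()
    if (-not (Test-UnquotedServicePath $path)) { return $path }
    # Wrap only the executable in quotes and keep any arguments after it.
    return $path -replace '^(.+?\.exe)(\s|$)', '"$1"$2'
}

# Constructed sample paths (not taken from the advisory).
$samples = @(
    'C:\Program Files\Example Vendor\Example App\ExampleService.exe',
    'C:\Program Files\Example Vendor\Example App\ExampleService.exe --run',
    '"C:\Program Files\Example Vendor\Example App\ExampleService.exe" --run',
    'C:\Windows\System32\svchost.exe -k netsvcs'
)
$samples | ForEach-Object {
    [pscustomobject]@{
        Flagged   = Test-UnquotedServicePath $_
        Corrected = Get-QuotedImagePath $_
        Original  = $_
    }
} | Format-List

# Live audit of the local host: list every service whose path is flagged.
Get-CimInstance -ClassName Win32_Service |
    Where-Object { $_.PathName -and (Test-UnquotedServicePath $_.PathName) } |
    Select-Object Name, StartName, StartMode, PathName,
        @{ Name = 'Corrected'; Expression = { Get-QuotedImagePath $_.PathName } } |
    Format-List
```

For a flagged service, the Corrected value is what its ImagePath registry value should contain.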
