Dynojet Power Core Unquoted Service Path Vulnerability Allowing Privilege Escalation

Vulnerability

Dynojet Power Core version 2.3.0 contains an unquoted service path vulnerability in the DJ.UpdateService service. Because the service's executable path is not enclosed in quotes, Windows can treat a space in the path as the end of the executable name and run a different file located earlier in the path. This flaw allows local authenticated users to potentially execute code with elevated privileges. Exploitation involves placing malicious executables in the service's file path, which can then be executed with Local System rights.

Impact

Exploitation of this vulnerability could lead to unauthorized code execution with elevated privileges, allowing a local user to gain Local System access.

Reproduction

The vulnerability can be reproduced by placing a malicious executable in the system root path. Once the executable is in place, the DJ.UpdateService can be started manually by any authenticated user. If the service is executed, the malicious code will run with Local System privileges.
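
To check a host for this class of misconfiguration, the following PowerShell audit flags services whose executable path is unquoted and contains a space. It is an added example, not code from the advisory or from Dynojet; the function name Get-UnquotedServicePath and the sample service are constructed for illustration.

```powershell
# Added example: flag services whose executable path is unquoted and contains a space.
function Get-UnquotedServicePath {
    [CmdletBinding()]
    param(
        # Any object with Name, StartName and PathName (the Win32_Service shape).
        [Parameter(Mandatory, ValueFromPipeline)]
        [object]$Service
    )
    process {
        $raw = "$($Service.PathName)".Trim()
        if (-not $raw -or $raw.StartsWith('"')) { return }   # empty or already quoted

        # Executable portion: everything up to the first ".exe" that ends a token.
        $m = [regex]::Match($raw, '^(.*?\.exe)(?=\s|$)', 'IgnoreCase')
        if (-not $m.Success) { return }
        $exe = $m.Groups[1].Value
        if ($exe -notmatch ' ') { return }                    # no space, no ambiguity

        # Each space is a point where Windows may end the executable name early.
        $prefixes = for ($i = $exe.IndexOf(' '); $i -ge 0; $i = $exe.IndexOf(' ', $i + 1)) {
            $exe.Substring(0, $i) + '.exe'
        }

        [pscustomobject]@{
            Name            = $Service.Name
            RunsAs          = $Service.StartName
            PathName        = $raw
            AmbiguousPaths  = @($prefixes)
            # Should be empty on a clean host: files already sitting at an ambiguous path.
            UnexpectedFiles = @($prefixes | Where-Object { Test-Path -LiteralPath $_ -PathType Leaf })
            # Remediation value: quote the executable, keep the arguments.
            QuotedPathName  = '"{0}"{1}' -f $exe, $raw.Substring($exe.Length)
        }
    }
}

# Constructed sample (not the real DJ.UpdateService path, which the advisory does not give).
$sample = [pscustomobject]@{
    Name      = 'ExampleUpdateSvc'
    StartName = 'LocalSystem'
    PathName  = 'C:\Program Files\Example Vendor\Updater\update.exe --service'
}
$sample | Get-UnquotedServicePath | Format-List

# On a live Windows host, audit every registered service:
# Get-CimInstance Win32_Service | Get-UnquotedServicePath | Format-List
```

A non-empty UnexpectedFiles list warrants investigation. QuotedPathName is the value to set as the service's ImagePath once it has been verified.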

Added: Jan 15, 2026, 4:34 PM
Updated: Jan 15, 2026, 7:34 PM

Vulnerability Rating

Custom Algorithm

spread: 0.0
impact: 10.0
exploitability: 4.2
remediation: 0.0
relevance: 2.1
threat: 6.4
urgency: 2.9
incentive: 0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.