Acer ePowerSvc Unquoted Service Path Vulnerability Allowing Elevated Privileges

Vulnerability

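A vulnerability exists in Acer ePowerSvc version 6.0.3008.0, where an unquoted service path allows local users to execute code with elevated system privileges. The flaw arises because the service's executable path is registered without enclosing quotation marks: when such a path contains spaces, Windows tries each space-delimited prefix as a program name before the intended binary, so a program planted at one of those locations executes with LocalSystem permissions during the service's startup process.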

Impact

Exploitation of this vulnerability could lead to unauthorized code execution with elevated privileges, allowing a local user to perform actions with the highest level of system rights.

Reproduction

The vulnerability can be reproduced by creating a malicious executable and placing it in a directory that is not monitored by the operating system or security applications. The executable should be named in a way that takes advantage of the unquoted service path. Once the service is restarted, the malicious code will execute with LocalSystem privileges.
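
To find and correct this condition, the following added example (not part of the original advisory or any Acer tooling) audits service ImagePath strings, reports the directories whose write permissions need checking, and gives the quoted replacement value. The sample paths are constructed placeholders, since the advisory does not state the real ePowerSvc path; on a host the values come from the ImagePath entry under HKLM\SYSTEM\CurrentControlSet\Services\<name>.

```python
import ntpath
import re

# End of the executable inside an unquoted command line (.exe/.com/.bat/.cmd token).
_EXE_END = re.compile(r"\.(exe|com|bat|cmd)(?=\s|$)", re.IGNORECASE)

def split_image_path(image_path):
    """Split a service ImagePath value into (executable, arguments, quoted)."""
    value = image_path.strip()
    if value.startswith('"'):
        end = value.find('"', 1)
        if end == -1:                      # unbalanced quote: treat the rest as the path
            return value[1:], "", True
        return value[1:end], value[end + 1:].strip(), True
    match = _EXE_END.search(value)
    if match is None:                      # e.g. driver paths; not analysed here
        return value, "", False
    return value[:match.end()], value[match.end():].strip(), False

def audit(image_path):
    """Flag an unquoted path with spaces; list directories to ACL-check and the fix."""
    exe, args, quoted = split_image_path(image_path)
    vulnerable = (not quoted) and " " in exe and _EXE_END.search(exe) is not None
    acl_dirs = []
    if vulnerable:
        # Windows would resolve each space-delimited prefix before the real binary,
        # so the parent directory of every prefix must deny writes to non-admins.
        parts = exe.split(" ")
        for i in range(1, len(parts)):
            parent = ntpath.dirname(" ".join(parts[:i]))
            if parent not in acl_dirs:
                acl_dirs.append(parent)
    fixed = (f'"{exe}"' + (f" {args}" if args else "")) if vulnerable else image_path
    return {"vulnerable": vulnerable, "acl_dirs": acl_dirs, "fixed": fixed}

# Constructed sample values; the vendor path is a placeholder, not the real ePowerSvc path.
SAMPLES = [
    r"C:\Program Files\Example Vendor\Power Tool\svc.exe -k run",
    r'"C:\Program Files\Example Vendor\Power Tool\svc.exe" -k run',
    r"C:\Windows\System32\svchost.exe -k netsvcs",
]

if __name__ == "__main__":
    for sample in SAMPLES:
        print(sample, "->", audit(sample))
```

Writing the "fixed" value back to the service's ImagePath removes the ambiguity regardless of directory permissions.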

Added: Jan 16, 2026, 8:01 PM
Updated: Jan 16, 2026, 8:01 PM

Vulnerability Rating

Custom Algorithm

spread: 0.0
impact: 7.5
exploitability: 4.2
remediation: 0.0
relevance: 2.0
threat: 6.4
urgency: 2.9
incentive: 0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.