Sandboxie Plus Unquoted Service Path Vulnerability in SbieSvc Service Allowing Elevated Privilege Code Execution
Vulnerability
A vulnerability exists in Sandboxie Plus version 0.7.4 within the SbieSvc service, where an unquoted service path allows local attackers to execute code with elevated privileges. This vulnerability can be exploited by injecting and running malicious executables with LocalSystem permissions during system startup or reboot.
Impact
Exploitation of this vulnerability could lead to unauthorized code execution with elevated privileges, allowing local attackers to execute malicious payloads as the LocalSystem user.
Reproduction
The vulnerability can be reproduced by creating a malicious executable and placing it in a directory with a path that includes spaces. The executable should be named in a way that takes advantage of the unquoted service path vulnerability. Once the executable is in place, restarting the system will trigger the vulnerability, executing the malicious payload with LocalSystem privileges.
Vulnerability Rating
Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.