Primary

Context

Event Log Explorer Unquoted Service Path Vulnerability Allowing Arbitrary Code Execution

Vulnerability

A vulnerability exists in Event Log Explorer version 4.9.3, where an unquoted service path allows local users to execute arbitrary code with elevated privileges. This vulnerability can be exploited by placing malicious executables in certain file system locations, which will be executed with LocalSystem account privileges when the service starts.

Impact

Exploitation of this vulnerability could lead to unauthorized execution of code with elevated system privileges.

Reproduction

The vulnerability can be reproduced by placing a malicious executable in a location that will be accessed by the 'ElodeaEventCollectorService' during startup. The service path can be verified using the Windows Management Instrumentation Command-line (WMIC) tool, which will show the unquoted path vulnerable to exploitation.

Added: Jan 21, 2026, 6:20 PM

Updated: Jan 21, 2026, 6:20 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

10.0

exploitability

4.2

remediation

0.0

relevance

2.3

threat

6.4

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

10.0

exploitability

4.2

remediation

0.0

relevance

2.3

threat

6.4

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Event Log Explorer Unquoted Service Path Vulnerability Allowing Arbitrary Code Execution

Vulnerability

Impact

Reproduction

Affected Products

Event Log Explorer

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating