Hi-Rez Studios HiPatchService Unquoted Service Path Vulnerability Allowing Elevated Privileges

Vulnerability

A vulnerability exists in Hi-Rez Studios version 5.1.6.3 within the HiPatchService, where an unquoted service path allows local attackers to execute code with elevated privileges. This unquoted path can be exploited during system startup or reboot, enabling the injection and execution of malicious executables with LocalSystem permissions.

Impact

Exploitation of this vulnerability could lead to unauthorized code execution with elevated privileges, allowing malicious actors to perform actions as the LocalSystem user.

Reproduction

The vulnerability can be reproduced by creating a malicious executable and placing it in a directory that is referenced by the unquoted service path of the HiPatchService. The service should then be started or the system rebooted, at which point the malicious executable will be executed with LocalSystem privileges.
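
To check a host for the condition described above, the following added example (not part of the original advisory and not Hi-Rez code) flags services whose binary path is unquoted and contains a space. The sample paths and the function name Test-UnquotedServicePath are constructed for illustration; the advisory does not give the actual HiPatchService path.

```powershell
# Added example: audit Windows services for unquoted binary paths containing spaces.
function Test-UnquotedServicePath {
    param([Parameter(Mandatory)][string]$PathName)

    $p = $PathName.Trim()

    # A path that starts with a double quote is already unambiguous.
    if ($p.StartsWith('"')) { return $false }

    # Isolate the executable portion (up to the first ".exe"), ignoring arguments.
    $m = [regex]::Match($p, '^(.*?\.exe)(\s|$)', 'IgnoreCase')
    if (-not $m.Success) { return $false }

    # Only a space inside the executable path itself makes the path ambiguous.
    return $m.Groups[1].Value.Contains(' ')
}

# Constructed sample values (placeholders, not the real service path).
$samples = @(
    'C:\Program Files\Example Vendor\Patch Service\ExampleSvc.exe',    # flagged
    '"C:\Program Files\Example Vendor\Patch Service\ExampleSvc.exe"',  # quoted
    'C:\Windows\System32\svchost.exe -k netsvcs'                       # no space in exe path
)
foreach ($s in $samples) {
    '{0,-6} {1}' -f (Test-UnquotedServicePath $s), $s
}

# Live audit: list flagged services with the account they run as.
Get-CimInstance -ClassName Win32_Service |
    Where-Object { $_.PathName -and (Test-UnquotedServicePath $_.PathName) } |
    Select-Object Name, StartName, StartMode, PathName |
    Format-Table -AutoSize -Wrap
```

A flagged service is corrected by enclosing the executable path in its ImagePath registry value in double quotes. Services whose StartName is LocalSystem and whose StartMode is Auto match the startup and reboot scenario in this advisory.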

Added: Jan 21, 2026, 6:19 PM
Updated: Jan 21, 2026, 6:19 PM

Vulnerability Rating

Custom Algorithm
spread: 0.0
impact: 10.0
exploitability: 4.2
remediation: 0.0
relevance: 2.3
threat: 6.4
urgency: 2.9
incentive: 0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.