Sandboxie Plus Unquoted Service Path Vulnerability in SbieSvc Service Allowing Elevated Privilege Code Execution
Vulnerability
A vulnerability exists in Sandboxie Plus version 0.7.2 within the SbieSvc service, where an unquoted service path allows local attackers to execute code with elevated privileges. Exploitation involves injecting malicious executables into the unquoted binary path, which are then executed with LocalSystem permissions when the service starts.
Impact
Exploitation of this vulnerability allows for unauthorized code execution with elevated privileges, potentially leading to a full system compromise.
Reproduction
The vulnerability can be reproduced by injecting a malicious executable into the unquoted service path of the SbieSvc service. This can be done using a tool or script that exploits unquoted service path vulnerabilities by placing a malicious executable in a location that will be accessed by the service when it starts. Once the executable is injected, the service can be restarted, triggering the execution of the malicious code with LocalSystem privileges.
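A defender can audit for the misconfiguration described above by checking every service's binary path for an unquoted executable that contains a space. The following PowerShell is an added example, not code from this advisory or from the Sandboxie project; the function name, service names and paths are constructed for illustration, and the check only assesses paths that end in `.exe`.

```powershell
# Added example: flag service binary paths that are unquoted and contain a space,
# and propose the quoted form. All names and paths below are constructed samples.
function Test-UnquotedServicePath {
    param(
        [Parameter(Mandatory)][string]$Name,
        [Parameter(Mandatory)][string]$ImagePath
    )
    $path = $ImagePath.Trim()
    $result = [pscustomobject]@{
        Name               = $Name
        ImagePath          = $path
        Unquoted           = $false
        SuggestedImagePath = $null
    }
    # A leading quote means the executable is already delimited unambiguously.
    if ($path.StartsWith('"')) { return $result }

    # Separate the executable from its arguments: the executable ends at the
    # first ".exe" that is followed by whitespace or the end of the string.
    $m = [regex]::Match($path, '(?i)^(?<exe>.+?\.exe)(?=\s|$)(?<args>.*)$')
    if (-not $m.Success) { return $result }   # e.g. driver .sys paths: not assessed

    $exe = $m.Groups['exe'].Value
    if ($exe -match '\s') {
        # Spaces inside an unquoted executable path are the finding.
        $result.Unquoted = $true
        $result.SuggestedImagePath = '"' + $exe + '"' + $m.Groups['args'].Value
    }
    return $result
}

# Constructed sample input (not taken from a real system).
$samples = @(
    [pscustomobject]@{ Name = 'ExampleSvcA'; ImagePath = 'C:\Program Files\Example App\svc.exe -run' }
    [pscustomobject]@{ Name = 'ExampleSvcB'; ImagePath = '"C:\Program Files\Example App\svc.exe" -run' }
    [pscustomobject]@{ Name = 'ExampleSvcC'; ImagePath = 'C:\Windows\System32\svchost.exe -k netsvcs' }
)
$samples |
    ForEach-Object { Test-UnquotedServicePath -Name $_.Name -ImagePath $_.ImagePath } |
    Format-List

# On a live host, feed real data instead of the samples:
# Get-CimInstance Win32_Service | Where-Object PathName |
#     ForEach-Object { Test-UnquotedServicePath -Name $_.Name -ImagePath $_.PathName } |
#     Where-Object Unquoted
```

Only `ExampleSvcA` is flagged. A flagged service is corrected by writing the suggested quoted value to its `ImagePath` under `HKLM\SYSTEM\CurrentControlSet\Services\<service name>`.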
