OCS Inventory NG
cpe:2.3:a:ocsinventory-ng:ocsinventory_ng:*:*:*:*:*:*:*
- <= 2.3.0.0
A privilege escalation vulnerability has been identified in OCS Inventory NG version 2.3.0.0, stemming from an unquoted service path. This flaw allows local attackers to escalate privileges to the system level. By placing a malicious executable in the unquoted service path and triggering a restart of the service, attackers can execute code with elevated privileges.
Exploitation of this vulnerability allows for unauthorized privilege escalation, with attackers gaining system-level rights.
The vulnerability can be reproduced by first identifying the unquoted service path of the OCS Inventory Service using the Windows Management Instrumentation Command-line (WMIC) tool. After confirming the service's binary path, a malicious executable can be uploaded to the specified location. Once the executable is in place, the service can be stopped and started again, or the system can be rebooted, which will trigger the execution of the malicious payload with elevated privileges.
Users are advised to update to OCS Inventory NG version 2.3.1.0 or later, where this vulnerability has been addressed.
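To audit a host for the condition described above, the following added example (not part of the advisory or of the OCS Inventory NG project) flags services whose binary path is unquoted and contains a space. The function names and the sample service records are hypothetical and constructed for illustration.

```powershell
# Returns $true when a service command line starts with an unquoted
# executable path that contains a space.
function Test-UnquotedServicePath {
    param([Parameter(Mandatory)][AllowEmptyString()][string]$PathName)

    $p = $PathName.Trim()
    if ($p -eq '' -or $p.StartsWith('"')) { return $false }  # empty or already quoted

    # Executable portion: everything up to the first ".exe" that ends a token.
    $m = [regex]::Match($p, '(?i)^(.*?\.exe)(\s|$)')
    if (-not $m.Success) { return $false }

    # Spaces in the arguments are harmless; only spaces in the path matter.
    return $m.Groups[1].Value.Contains(' ')
}

# Filters service objects (Name, StartName, PathName) down to the flagged ones.
function Get-UnquotedServicePath {
    param([Parameter(ValueFromPipeline)]$Service)
    process {
        if ($Service.PathName -and (Test-UnquotedServicePath $Service.PathName)) {
            [pscustomobject]@{
                Name      = $Service.Name
                StartName = $Service.StartName
                PathName  = $Service.PathName
            }
        }
    }
}

# Constructed sample records (hypothetical names and paths, not from the advisory).
$sample = @(
    [pscustomobject]@{ Name = 'ExampleAgent'; StartName = 'LocalSystem'
                       PathName = 'C:\Program Files\Example Vendor\Agent\agent.exe /svc' }
    [pscustomobject]@{ Name = 'QuotedAgent'; StartName = 'LocalSystem'
                       PathName = '"C:\Program Files\Example Vendor\Agent\agent.exe" /svc' }
    [pscustomobject]@{ Name = 'NoSpaces'; StartName = 'LocalSystem'
                       PathName = 'C:\Windows\System32\svchost.exe -k netsvcs' }
    [pscustomobject]@{ Name = 'SpaceInArgs'; StartName = 'LocalSystem'
                       PathName = 'C:\Tools\agent.exe --config "C:\My Data\a.ini"' }
)

# Only ExampleAgent is reported: unquoted, with a space inside the executable path.
$sample | Get-UnquotedServicePath | Format-Table -AutoSize

# Live audit on a Windows host:
# Get-CimInstance -ClassName Win32_Service | Get-UnquotedServicePath
```

Running the live audit after updating to 2.3.1.0 or later confirms whether the OCS Inventory Service still appears in the results.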