Mechrevo Control Center GX Uncontrolled Search Path Vulnerability in .reg File Handler

Vulnerability

A vulnerability exists in the .reg file handler component of Mechrevo Control Center GX version 2.5.56.51.48. It is an uncontrolled search path issue that can be exploited locally. The application does not properly validate the integrity or authenticity of the .reg files used during installation, so an attacker with write access can manipulate these files to inject malicious registry entries or commands. Because the installer operates with high integrity privileges, such changes could lead to privilege escalation, persistent backdoors, or arbitrary code execution under the NT AUTHORITY\SYSTEM account.
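The validation described as missing above, sketched as an added example (not Mechrevo's code): a .reg file is accepted only if its SHA-256 matches a digest pinned at build time and every key section stays inside an expected subtree. The vendor key path, the pinned digest and both sample files are assumptions constructed for illustration.

```python
import hashlib
import hmac
import re

# Assumption: the only subtree this installer's .reg file may touch (hypothetical path).
ALLOWED_PREFIXES = ("HKEY_LOCAL_MACHINE\\SOFTWARE\\ExampleVendor\\ControlCenter",)
KEY_LINE = re.compile(r"^\[(-?)(HKEY_[^\]]+)\]$")


def decode_reg(raw: bytes) -> str:
    """Version 5.00 exports are UTF-16LE with a BOM; REGEDIT4 files are ANSI."""
    if raw.startswith(b"\xff\xfe"):
        return raw.decode("utf-16")
    return raw.decode("latin-1")


def keys_outside_allowlist(raw: bytes, allowed=ALLOWED_PREFIXES) -> list:
    """List (action, key) for every key section outside the allowed subtrees."""
    flagged = []
    for line in decode_reg(raw).splitlines():
        m = KEY_LINE.match(line.strip())
        if not m:
            continue
        key = m.group(2).upper()
        if not any(key == p.upper() or key.startswith(p.upper() + "\\") for p in allowed):
            flagged.append(("delete" if m.group(1) else "write", m.group(2)))
    return flagged


def safe_to_import(raw: bytes, pinned_sha256: str, allowed=ALLOWED_PREFIXES) -> bool:
    """Integrity check against a build-time digest, then the key policy check."""
    digest = hashlib.sha256(raw).hexdigest()
    if not hmac.compare_digest(digest, pinned_sha256.lower()):
        return False
    return not keys_outside_allowlist(raw, allowed)


# Constructed sample data, not taken from the product.
VENDOR_REG = b"\xff\xfe" + (
    "Windows Registry Editor Version 5.00\r\n\r\n"
    "[HKEY_LOCAL_MACHINE\\SOFTWARE\\ExampleVendor\\ControlCenter\\Settings]\r\n"
    '"Mode"=dword:00000001\r\n'
).encode("utf-16-le")
PINNED = hashlib.sha256(VENDOR_REG).hexdigest()
TAMPERED_REG = VENDOR_REG + (
    "[HKEY_LOCAL_MACHINE\\SOFTWARE\\OtherVendor\\Unrelated]\r\n"
    '"Value"="constructed"\r\n'
).encode("utf-16-le")
```

The check is only meaningful if the privileged process imports the same bytes it verified, read from a location that non-administrators cannot write.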

Impact

Exploitation of this vulnerability could result in unauthorized manipulation of the Windows Registry, potentially leading to privilege escalation or arbitrary code execution with system-level rights.

Added: Aug 15, 2025, 2:17 AM
Updated: Aug 15, 2025, 2:17 AM

Vulnerability Rating

Custom Algorithm

spread: 0.0
impact: 10.0
exploitability: 4.6
remediation: 0.0
relevance: 0.3
threat: 6.4
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.