Seagate Toolkit Unquoted Search Path Vulnerability on Windows

Vulnerability

A vulnerability allowing unquoted search path exploitation has been identified in Seagate Toolkit versions prior to 2.34.0.33 for Windows. This issue arises from the service executable path, which can be manipulated by an attacker with admin privileges. If the attacker has write permissions to the root directory, they could place a malicious 'Program.exe' file that would execute with SYSTEM privileges.

Impact

Exploitation of this vulnerability could lead to unauthorized execution of malicious programs with SYSTEM privileges, allowing for significant control over the affected system.

Added: Aug 14, 2025, 5:16 PM

Updated: Aug 14, 2025, 5:16 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

2.5

exploitability

2.8

remediation

0.0

relevance

0.4

threat

0.0

urgency

2.9

incentive

0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

2.5

exploitability

2.8

remediation

0.0

relevance

0.4

threat

0.0

urgency

2.9

incentive

0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Seagate Toolkit Unquoted Search Path Vulnerability on Windows

Vulnerability

Impact

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating