Alejandro Reyes

**Name of the Vulnerable Software and Affected Versions** Iskysoft Application Framework Service version 2.4.3.241 **Description** The software contains an unquoted service path issue that may allow local users to execute arbitrary code with elevated privileges. An attacker can exploit the unquoted path in the service configuration to inject malicious executables, which would then run with the service’s high-level system permissions. **Recommendations** Apply appropriate quoting to the service path to prevent the execution of unauthorized code.

**Name of the Vulnerable Software and Affected Versions** SpyHunter 4 (affected versions not specified) **Description** The software contains an unquoted service path issue that may allow local users to execute arbitrary code with elevated system privileges. An attacker can exploit this by placing malicious executables in specific file system locations to gain elevated access when the service starts. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.