PT-2026-4652 · Deepinstinct+1 · Deep Instinct Windows Agent+1
Paulina Girón
·
Publicado
2026-01-25
·
Atualizado
2026-01-25
·
CVE-2020-36934
CVSS v3.1
7.8
Alta
| Vetor | AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Deep Instinct Windows Agent version 1.2.24.0
Description
The Deep Instinct Windows Agent has an issue related to an unquoted service path in the
DeepNetworkService. This could allow local users to potentially run code with higher privileges. An attacker could exploit the unquoted path located at C:Program FilesHP Sure SenseDeepNetworkService.exe to inject malicious code. This injected code would then run with LocalSystem permissions when the service starts.Recommendations
Ensure the service path for
DeepNetworkService is enclosed in quotes.Exploit
Correção
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Deep Instinct Windows Agent
Hp Sure Sense