Issivs · Intelligent Security System Securos Enterprise · CVE-2019-25304
**Name of the Vulnerable Software and Affected Versions**
SecurOS Enterprise version 10.2
**Description**
An unquoted service path issue exists in the SecurosCtrlService. Local users can exploit the unquoted path in 'C:Program Files (x86)ISSSecurOS' to insert malicious code, which may then execute with system-level permissions during service startup, leading to elevated privileges.
**Recommendations**
At the moment, there is no information about a newer version that contains a fix for this vulnerability.