Diego Cañada

**Name of the Vulnerable Software and Affected Versions** IDT PC Audio version 1.0.6499.0 **Description** An unquoted service path exists in the STacSV service. This allows local users to potentially execute arbitrary code with elevated system privileges by injecting malicious code that runs with LocalSystem account permissions during service startup. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.