Roberto Piña

**Name of the Vulnerable Software and Affected Versions** Andrea ST Filters Service version 1.0.64.7 **Description** The software contains an unquoted service path vulnerability in its Windows service configuration. Local attackers can exploit the unquoted path to inject malicious code that will execute with elevated LocalSystem privileges during service startup. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Avast SecureLine version 5.5.522.0 **Description** The software contains an unquoted service path issue that may allow local users to execute code with elevated system privileges. An attacker can exploit the unquoted path within the service configuration to inject malicious code. This code would then execute with LocalSystem account permissions when the service starts. **Recommendations** Apply updates to address the unquoted service path issue.

**Name of the Vulnerable Software and Affected Versions** EPSON EasyMP Network Projection version 2.81 **Description** The software contains a flaw due to an unquoted service path in the EMP NSWLSV service. This could allow local users to potentially execute arbitrary code. An attacker can exploit the unquoted path located at C:Program Files (x86)EPSON ProjectorEasyMP Network Projection V2 to inject malicious code. Successful exploitation may result in the execution of this code with LocalSystem privileges. **Recommendations** Update EPSON EasyMP Network Projection to a version that addresses this issue. As a temporary workaround, restrict access to the vulnerable directory C:Program Files (x86)EPSON ProjectorEasyMP Network Projection V2.