PT-2025-51950 · Microsoft+1 · Windows+1
Jeffrey Bencteux
·
Published
2025-12-17
·
Updated
2025-12-20
·
CVE-2023-53912
CVSS v3.1
6.2
Medium
| Vector | AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
USB Flash Drives Control version 4.1.0.0
Description
USB Flash Drives Control version 4.1.0.0 contains an unquoted service path vulnerability in its service configuration. This allows local attackers to potentially execute arbitrary code. The vulnerability exists due to the unquoted path in 'C:Program FilesUSB Flash Drives Controlusbcs.exe', which enables attackers to inject malicious executables and escalate privileges on Windows systems.
Recommendations
Apply appropriate quoting to the service path in the service configuration.
Exploit
Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Usb Flash Drives Control
Windows