CVE-2023-53946

Name of the Vulnerable Software and Affected Versions Arcsoft PhotoStudio version 6.0.0.172

Description Arcsoft PhotoStudio 6.0.0.172 contains an unquoted service path vulnerability within the ArcSoft Exchange Service. This allows local attackers to potentially escalate privileges. Specifically, attackers can place a malicious executable within an unquoted path, and the service may execute this code with system-level permissions.

Recommendations Apply appropriate quoting to the service path to prevent the execution of unauthorized executables.