CVE-2024-58315

Name of the Vulnerable Software and Affected Versions Tosibox Key Service version 3.3.0

Description The software contains an unquoted service path issue. This allows local, non-privileged users to potentially execute code with elevated system privileges. Exploitation involves manipulating the service startup process by placing malicious code in the system root path, which can then be executed during application startup or system reboot.

Recommendations Update to a newer version that contains a fix for this vulnerability.