CVE-2021-47825

Name of the Vulnerable Software and Affected Versions Acer Updater Service version 1.2.3500.0

Description The Acer Updater Service contains a flaw due to an unquoted service path. This allows local users to potentially execute code with elevated system privileges. An attacker can exploit the unquoted path located in 'C:Program FilesAcerAcer Updater' by injecting malicious executables. These executables will then run with LocalSystem permissions when the service starts.

Recommendations Apply appropriate quoting to the service path to prevent the execution of unauthorized code.