PT-2026-41429 · Oki · Spsv Port Manager

Julio Aviña

·

Published

2026-05-16

·

Updated

2026-05-16

·

CVE-2020-37229

CVSS v3.1

7.8

High

VectorAV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions OKI sPSV Port Manager version 1.0.41
Description An unquoted service path issue exists in the sPSVOpLclSrv service. This allows local attackers to escalate privileges by placing a malicious executable file within the unquoted directory path. The malicious file will then execute with LocalSystem privileges upon service restart or system reboot.
Recommendations For version 1.0.41, ensure the service path for sPSVOpLclSrv is properly quoted or restrict write permissions to the directories within the service path to prevent unauthorized executable placement.

Exploit

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

Weakness Enumeration

Related Identifiers

CVE-2020-37229

Affected Products

Spsv Port Manager