PT-2026-4505 · Softros Systems · Softrosspellchecker+1
Victor Mondragón
·
Published
2026-01-23
·
Updated
2026-01-24
·
CVE-2021-47889
CVSS v3.1
7.8
High
| Vector | AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Softros LAN Messenger version 9.6.4
Description
Softros LAN Messenger 9.6.4 has a flaw due to an unquoted service path in the SoftrosSpellChecker service. This could allow local attackers to execute arbitrary code. The vulnerable path is located at 'C:Program Files (x86)Softros SystemsSoftros MessengerSpell Checker'. Attackers can potentially inject malicious executables and gain elevated privileges by exploiting this unquoted path.
Recommendations
Apply updates to address the unquoted service path in the SoftrosSpellChecker service.
Exploit
Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Softros Lan Messenger
Softrosspellchecker