PT-2026-4652 · Deepinstinct+1 · Deep Instinct Windows Agent+1
Paulina Girón
·
Published
2026-01-25
·
Updated
2026-01-25
·
CVE-2020-36934
CVSS v3.1
7.8
High
| Vector | AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Deep Instinct Windows Agent version 1.2.24.0
Description
The Deep Instinct Windows Agent has an issue related to an unquoted service path in the
DeepNetworkService. This could allow local users to potentially run code with higher privileges. An attacker could exploit the unquoted path located at C:Program FilesHP Sure SenseDeepNetworkService.exe to inject malicious code. This injected code would then run with LocalSystem permissions when the service starts.Recommendations
Ensure the service path for
DeepNetworkService is enclosed in quotes.Exploit
Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Deep Instinct Windows Agent
Hp Sure Sense