PT-2026-50917 · Realtek · Realtek Audio Service

Erika Figueroa

Published

2026-06-19

Updated

2026-06-19

CVE-2020-37252

CVSS v3.1

7.8

High

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Realtek Audio Service 1.0.0.55 contains an unquoted service path vulnerability in RtkAudioService64.exe that allows local attackers to escalate privileges by injecting malicious code. Attackers can place executable files in the unquoted service path directory to execute arbitrary code with LocalSystem privileges during service startup or system reboot.

Exploit

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-428

Related Identifiers

CVE-2020-37252

Affected Products

Realtek Audio Service

PT-2026-50917 · Realtek · Realtek Audio Service

CVE-2020-37252

Weakness Enumeration

Related Identifiers

Affected Products

References · 4