CVE-2020-36986

Name of the Vulnerable Software and Affected Versions Prey version 1.9.6

Description The software contains an unquoted service path issue that may allow local users to execute code with elevated privileges. An attacker can exploit the unquoted path within the CronService to insert malicious code, which could then execute during application startup or system reboot.

Recommendations Update to a newer version that contains a fix for this vulnerability. As a temporary workaround, consider restricting access to the CronService to minimize the risk of exploitation.