CVE-2020-37030

Name of the Vulnerable Software and Affected Versions Outline Service version 1.3.3

Description Outline Service 1.3.3 contains an unquoted service path that could allow local users to execute arbitrary code with elevated system privileges. An attacker can exploit the unquoted binary path located at C:Program Files (x86)Outline to inject malicious code. This code would then execute with LocalSystem permissions when the service starts.

Recommendations Ensure the service path for Outline Service 1.3.3 is properly quoted to prevent potential code injection during service startup.