PT-2026-5421 · Unknown · Atomic Alarm Clock
Boku
·
Published
2026-01-30
·
Updated
2026-01-30
·
CVE-2020-37060
CVSS v3.1
7.8
High
| Vector | AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Atomic Alarm Clock version 6.3
Description
Atomic Alarm Clock version 6.3 contains a local privilege escalation issue in its service configuration. This allows attackers to execute arbitrary code with SYSTEM privileges. The issue stems from an unquoted service path, enabling exploitation by placing a malicious executable named
Program.exe. Successful exploitation grants persistent system-level access.Recommendations
Ensure the service path is properly quoted to prevent the execution of unauthorized programs.
Exploit
Fix
LPE
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Atomic Alarm Clock