CVE-2020-37063

Name of the Vulnerable Software and Affected Versions TFTP Turbo version 4.6.1273

Description TFTP Turbo 4.6.1273 contains an unquoted service path issue that could allow local attackers to execute arbitrary code with elevated privileges. The issue stems from an unquoted path within the service configuration, which allows attackers to inject malicious executables. These injected executables can then be launched with LocalSystem permissions.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.