CVE-2019-25304

Name of the Vulnerable Software and Affected Versions SecurOS Enterprise version 10.2

Description An unquoted service path issue exists in the SecurosCtrlService. Local users can exploit the unquoted path in 'C:Program Files (x86)ISSSecurOS' to insert malicious code, which may then execute with system-level permissions during service startup, leading to elevated privileges.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.