CVE-2019-25309

Name of the Vulnerable Software and Affected Versions Zilab Remote Console Server version 3.2.9

Description The software contains an unquoted service path that could allow local attackers to execute arbitrary code with elevated system privileges. Exploitation involves leveraging the unquoted binary path within the service configuration to inject malicious executables, which are then executed with LocalSystem permissions.

Recommendations Ensure the service path is enclosed in quotes to prevent the execution of unauthorized code.