CWE-428: Unquoted Search Path or Element
410 active CVEs classified under this weakness category. Sourced from NVD, GHSA, and vendor advisories.
CVEs classified under CWE-428 (page 7 of 9)
- CVE-2022-50933 | HIGH | CVSS 7.8 | EG 8.4 | 2026-01-13
Cain & Abel 4.9.56 contains an unquoted service path vulnerability that allows local attackers to potentially execute arbitrary code with elevated privileges. Attackers can exploit the unquoted binary path to inject malicious executables t…
- CVE-2022-50935 | CRITICAL | CVSS 9.8 | EG 9.8 | 2026-01-13
Flame II HSPA USB Modem contains an unquoted service path vulnerability in its Windows service configuration. Attackers can exploit the unquoted path in 'C:\Program Files (x86)\Internet Telcel\ApplicationController.exe' to execute arbitrar…
- CVE-2022-50938 | HIGH | CVSS 8.4 | EG 8.4 | 2026-01-13
CONTPAQi AdminPAQ 14.0.0 contains an unquoted service path vulnerability in the AppKeyLicenseServer service running with LocalSystem privileges. Attackers can exploit the unquoted path to inject malicious code in the service binary path, p…
- CVE-2023-0392 | MEDIUM | CVSS 6.7 | EG 6.7 | 2023-11-08
The LDAP Agent Update service with versions prior to 5.18 used an unquoted path, which could allow arbitrary code execution.
- CVE-2023-0887 | HIGH | CVSS 7.0 | EG 7.8 | 2023-02-17
A vulnerability was found in phjounin TFTPD64-SE 4.64 and classified as critical. This issue affects some unknown processing of the file tftpd64_svc.exe. The manipulation leads to unquoted search path. An attack has to be approached locall…
- CVE-2023-22282 | HIGH | CVSS 7.3 | EG 7.3 | 2023-04-11
WAB-MAT Ver.5.0.0.8 and earlier starts another program with an unquoted file path. Since a registered Windows service path contains spaces and is unquoted, if a malicious executable is placed on a certain path, the executable may be execu…
- CVE-2023-22841 | MEDIUM | CVSS 6.7 | EG 6.7 | 2023-08-11
Unquoted search path in the software installer for the System Firmware Update Utility (SysFwUpdt) for some Intel(R) Server Boards and Intel(R) Server Systems Based on Intel(R) 621A Chipset before version 16.0.7 may allow an authenticated u…
- CVE-2023-2331 | HIGH | CVSS 7.8 | EG 7.8 | 2023-04-27
Unquoted service Path or Element vulnerability in 42Gears Surelock Windows SureLock Service (NixService.Exe) on Windows application allows insertion of arbitrary code into the service. This issue affects Surelock Windows: from 2.3.12 th…
- CVE-2023-2417 | MEDIUM | CVSS 5.3 | EG 5.3 | 2023-04-29
A vulnerability was found in ks-soft Advanced Host Monitor up to 12.56 and classified as problematic. Affected by this issue is some unknown functionality of the file C:\Program Files (x86)\HostMonitor\RMA-Win\rma_active.exe. The manipulat…
- CVE-2023-24542 | MEDIUM | CVSS 6.7 | EG 6.7 | 2024-02-14
Unquoted search path or element in some Intel(R) Thunderbolt(TM) DCH drivers for Windows before version 88 may allow an authenticated user to potentially enable escalation of privilege via local access.
- CVE-2023-24575 | HIGH | CVSS 7.8 | EG 7.8 | 2023-02-21
Dell Multifunction Printer E525w Driver and Software Suite, versions prior to 1.047.2022, A05, contain a local privilege escalation vulnerability that could be exploited by malicious users to compromise the affected system
- CVE-2023-24671 | HIGH | CVSS 7.8 | EG 7.8 | 2023-03-16
VX Search v13.8 and v14.7 was discovered to contain an unquoted service path vulnerability which allows attackers to execute arbitrary commands at elevated privileges via a crafted executable file.
- CVE-2023-25075 | MEDIUM | CVSS 6.7 | EG 6.7 | 2023-11-14
Unquoted search path in the installer for some Intel Server Configuration Utility software before version 16.0.9 may allow an authenticated user to potentially enable escalation of privilege via local access.
- CVE-2023-2644 | MEDIUM | CVSS 5.3 | EG 5.3 | 2023-05-11
A vulnerability, which was classified as problematic, has been found in DigitalPersona FPSensor 1.0.0.1. This issue affects some unknown processing of the file C:\Program Files (x86)\FPSensor\bin\DpHost.exe. The manipulation leads to unquo…
- CVE-2023-2685 | HIGH | CVSS 7.2 | EG 7.2 | 2023-07-28
A vulnerability was found in AO-OPC server versions mentioned above. As the directory information for the service entry is not enclosed in quotation marks, potential attackers could possibly call up another application than the AO-OPC serv…
- CVE-2023-26911 | HIGH | CVSS 7.8 | EG 7.8 | 2023-07-26
ASUS SetupAsusServices v1.0.5.1 in Asus Armoury Crate v5.3.4.0 contains an unquoted service path vulnerability which allows local users to launch processes with elevated privileges.
- CVE-2023-27298 | HIGH | CVSS 8.8 | EG 8.8 | 2023-05-10
Uncontrolled search path in the WULT software maintained by Intel(R) before version 1.0.0 (commit id 592300b) may allow an unauthenticated user to potentially enable escalation of privilege via network access.
- CVE-2023-27386 | MEDIUM | CVSS 6.7 | EG 6.7 | 2023-05-10
Uncontrolled search path in some Intel(R) Pathfinder for RISC-V software may allow an authenticated user to potentially enable escalation of privilege via local access.
- CVE-2023-29165 | MEDIUM | CVSS 6.7 | EG 6.7 | 2023-11-14
Unquoted search path or element in some Intel(R) Arc(TM) Control software before version 1.73.5335.2 may allow an authenticated user to potentially enable escalation of privilege via local access.
- CVE-2023-31747 | HIGH | CVSS 7.8 | EG 7.8 | 2023-05-23
Wondershare Filmora 12 (Build 12.2.1.2088) was discovered to contain an unquoted service path vulnerability via the component NativePushService. This vulnerability allows attackers to launch processes with elevated privileges.
- CVE-2023-32658 | MEDIUM | CVSS 6.7 | EG 6.7 | 2023-11-14
Unquoted search path in some Intel(R) NUC Kits NUC7i3DN, NUC7i5DN, NUC7i7DN HDMI firmware update tool software before version 1.79.1.1 may allow an authenticated user to potentially enable escalation of privilege via local access.
- CVE-2023-3438 | MEDIUM | CVSS 4.4 | EG 4.4 | 2023-07-03
An unquoted Windows search path vulnerability existed in the install the MOVE 4.10.x and earlier Windows install service (mvagtsce.exe). The misconfiguration allowed an unauthorized local user to insert arbitrary code into the unquoted s…
- CVE-2023-36658 | HIGH | CVSS 7.8 | EG 7.8 | 2023-09-15
An issue was discovered in OPSWAT MetaDefender KIOSK 4.6.1.9996. It has an unquoted service path that can be abused locally.
- CVE-2023-37537 | HIGH | CVSS 7.8 | EG 7.8 | 2023-10-17
An unquoted service path vulnerability in HCL AppScan Presence, deployed as a Windows service in HCL AppScan on Cloud (ASoC), may allow a local attacker to gain elevated privileges.
- CVE-2023-38408 | CRITICAL | CVSS 9.8 | EG 9.8 | 2023-07-20
The PKCS#11 feature in ssh-agent in OpenSSH before 9.3p2 has an insufficiently trustworthy search path, leading to remote code execution if an agent is forwarded to an attacker-controlled system. (Code in /usr/lib is not necessarily safe f…
- CVE-2023-3842 | HIGH | CVSS 7.8 | EG 7.8 | 2023-07-23
A vulnerability was found in Pointware EasyInventory 1.0.12.0 and classified as critical. This issue affects some unknown processing of the file C:\Program Files (x86)\EasyInventory\Easy2W.exe. The manipulation leads to unquoted search pat…
- CVE-2023-39464 | HIGH | CVSS 7.2 | EG 7.2 | 2024-05-03
Triangle MicroWorks SCADA Data Gateway GTWWebMonitorService Unquoted Search Path Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute code on affected installations of Triangle MicroWorks SCADA Data Ga…
- CVE-2023-42486 | MEDIUM | CVSS 6.3 | EG 6.3 | 2023-09-27
Fortect - CWE-428: Unquoted Search Path or Element, may be used by local user to elevate privileges.
- CVE-2023-4991 | HIGH | CVSS 7.8 | EG 7.8 | 2023-09-15
A vulnerability was found in NextBX QWAlerter 4.50. It has been rated as critical. Affected by this issue is some unknown functionality of the file QWAlerter.exe. The manipulation leads to unquoted search path. It is possible to launch the…
- CVE-2023-5012 | MEDIUM | CVSS 5.3 | EG 5.3 | 2023-09-16
A vulnerability, which was classified as problematic, was found in Topaz OFD 2.11.0.201. This affects an unknown part of the file C:\Program Files\Topaz OFD\Warsaw\core.exe of the component Protection Module Warsaw. The manipulation leads …
- CVE-2023-53912 | MEDIUM | CVSS 6.2 | EG 6.2 | 2025-12-17
USB Flash Drives Control 4.1.0.0 contains an unquoted service path vulnerability in its service configuration that allows local attackers to potentially execute arbitrary code. Attackers can exploit the unquoted path in 'C:\Program Files\U…
- CVE-2023-53946 | HIGH | CVSS 8.4 | EG 8.4 | 2025-12-19
Arcsoft PhotoStudio 6.0.0.172 contains an unquoted service path vulnerability in the ArcSoft Exchange Service that allows local attackers to escalate privileges. Attackers can place a malicious executable in the unquoted path and trigger t…
- CVE-2023-53947 | HIGH | CVSS 8.4 | EG 8.4 | 2025-12-19
OCS Inventory NG 2.3.0.0 contains an unquoted service path vulnerability that allows local attackers to escalate privileges to system level. Attackers can place a malicious executable in the unquoted service path and trigger the service re…
- CVE-2023-53954 | MEDIUM | CVSS 6.2 | EG 6.2 | 2025-12-19
ActFax 10.10 contains an unquoted service path vulnerability that allows local attackers to potentially escalate privileges by exploiting the ActiveFaxServiceNT service configuration. Attackers with write permissions to Program Files direc…
- CVE-2023-53965 | HIGH | CVSS 8.4 | EG 8.4 | 2025-12-22
SOUND4 Server Service 4.1.102 contains an unquoted service path vulnerability that allows local non-privileged users to potentially execute code with elevated system privileges. Attackers can exploit the unquoted binary path by inserting m…
- CVE-2023-53984 | HIGH | CVSS 8.4 | EG 8.4 | 2026-01-13
Clevo HotKey Clipboard 2.1.0.6 contains an unquoted service path vulnerability in the HKClipSvc service that allows local non-privileged users to potentially execute code with system privileges. Attackers can exploit the misconfigured serv…
- CVE-2023-54331 | HIGH | CVSS 7.8 | EG 8.4 | 2026-01-13
Outline 1.6.0 contains an unquoted service path vulnerability that allows local attackers to potentially execute arbitrary code with elevated system privileges. Attackers can exploit the unquoted service path in the OutlineService executab…
- CVE-2023-54336 | HIGH | CVSS 8.4 | EG 8.4 | 2026-01-13
Mediconta 3.7.27 contains an unquoted service path vulnerability in the servermedicontservice that allows local users to potentially execute code with elevated privileges. Attackers can exploit the unquoted path in C:\Program Files (x86)\m…
- CVE-2023-54338 | HIGH | CVSS 8.4 | EG 8.4 | 2026-01-13
Tftpd32 SE 4.60 contains an unquoted service path vulnerability that allows local attackers to potentially execute arbitrary code with elevated privileges. Attackers can exploit the unquoted path in the service configuration to inject mali…
- CVE-2023-6631 | HIGH | CVSS 7.8 | EG 7.8 | 2024-01-08
PowerSYSTEM Center versions 2020 Update 16 and prior contain a vulnerability that may allow an authorized local user to insert arbitrary code into the unquoted service path and escalate privileges.
- CVE-2023-7043 | LOW | CVSS 3.3 | EG 3.3 | 2024-01-31
Unquoted service path in ESET products allows to drop a prepared program to a specific location and run on boot with the NT AUTHORITY\NetworkService permissions.
- CVE-2024-1201 | HIGH | CVSS 7.8 | EG 7.8 | 2024-02-02
Search path or unquoted item vulnerability in HDD Health affecting versions 4.2.0.112 and earlier. This vulnerability could allow a local attacker to store a malicious executable file within the unquoted search path, resulting in privilege…
- CVE-2024-1618 | HIGH | CVSS 7.8 | EG 7.8 | 2024-03-12
A search path or unquoted item vulnerability in Faronics Deep Freeze Server Standard, which affects versions 8.30.020.4627 and earlier. This vulnerability affects the DFServ.exe file. An attacker with local user privileges could exploit t…
- CVE-2024-22437 | HIGH | CVSS 7.3 | EG 7.3 | 2024-04-15
A potential security vulnerability has been identified in VSS Provider and CAPI Proxy software for certain HPE MSA storage products. This vulnerability could be exploited to gain elevated privilege on the system.
- CVE-2024-24722 | CRITICAL | CVSS 9.1 | EG 9.1 | 2024-02-19
An unquoted service path vulnerability in the 12d Synergy Server and File Replication Server components may allow an attacker to gain elevated privileges via the 12d Synergy Server and/or 12d Synergy File Replication Server executable serv…
- CVE-2024-25552 | HIGH | CVSS 7.8 | EG 7.8 | 2024-03-01
A local attacker can gain administrative privileges by inserting an executable file in the path of the affected product.
- CVE-2024-2747 | HIGH | CVSS 7.8 | EG 7.8 | 2024-06-12
CWE-428: Unquoted search path or element vulnerability exists in Easergy Studio, which could cause privilege escalation when a valid user replaces a trusted file name on the system and reboots the machine.
- CVE-2024-31201 | MEDIUM | CVSS 6.5 | EG 6.5 | 2024-07-31
A “CWE-428: Unquoted Search Path or Element” affects the ThermoscanIP_Scrutation service. Such misconfiguration could be abused in scenarios where incorrect permissions were assigned to the C:\ path to attempt a privilege escalation on…
- CVE-2024-31226 | MEDIUM | CVSS 4.9 | EG 4.9 | 2024-05-16
Sunshine is a self-hosted game stream host for Moonlight. Users who ran Sunshine versions 0.17.0 through 0.22.2 as a service on Windows may be impacted when terminating the service if an attacker placed a file named `C:\Program.exe`, `C:\P…
- CVE-2024-31804 | MEDIUM | CVSS 6.7 | EG 6.7 | 2024-04-23
An unquoted service path vulnerability in Terratec DMX_6Fire USB v.1.23.0.02 allows a local attacker to escalate privileges via the Program.exe component.