← volver
CVE-2020-37016

BarcodeOCR 19.3.6 - 'BarcodeOCR' Unquoted Service Path

CVSS 8.5 HIGHEPSS 0.1%CWE-428
BarcodeOCR 19.3.6 contains an unquoted service path vulnerability that allows local attackers to execute code with elevated privileges during system startup. Attackers can exploit the unquoted path in the service configuration to inject malicious executables that will run with LocalSystem privileges.
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
Productos afectados
Barcode-Ocr · BarcodeOCR

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
https://www.barcode-ocr.com/https://www.exploit-db.com/exploits/48740https://www.vulncheck.com/advisories/barcodeocr-barcodeocr-unquoted-service-path