漏洞信息
尽管我们使用了先进的大模型技术,但其输出仍可能包含不准确或过时的信息。神龙努力确保数据的准确性,但请您根据实际情况进行核实和判断。
Vulnerability Title
Acer Updater Service 1.2.3500.0 - 'UpdaterService.exe' Unquoted Service Path
Vulnerability Description
Acer Updater Service 1.2.3500.0 contains an unquoted service path vulnerability that allows local users to execute code with elevated system privileges. Attackers can exploit the unquoted path in C:\Program Files\Acer\Acer Updater\ to inject malicious executables that will run with LocalSystem permissions during service startup.
CVSS Information
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Vulnerability Type
未经引用的搜索路径或元素
Vulnerability Title
Acer Updater Service 代码问题漏洞
Vulnerability Description
Acer Updater Service是中国台湾宏碁(Acer)公司的一个软件更新工具。 Acer Updater Service 1.2.3500.0版本存在代码问题漏洞,该漏洞源于服务路径存在未加引号的服务路径,可能导致权限提升。
CVSS Information
N/A
Vulnerability Type
N/A