CVE-2017-20218

HIGH

Serviio PRO 1.8 Local Privilege Escalation via Unquoted Path

Title source: cna

Description

Serviio PRO 1.8 contains an unquoted search path vulnerability in the Windows service that allows local users to execute arbitrary code with elevated privileges by placing malicious executables in the system root path. Additionally, improper directory permissions with full access for the Users group allow authenticated users to replace the executable file with arbitrary binaries, enabling privilege escalation during service startup or system reboot.

Exploits (1)

exploitdb WRITEUP
by LiquidWorm · text · local · windows
https://www.exploit-db.com/exploits/41959

References (7)

Core References
Third Party Advisory
Zero Science Lab Disclosure
https://www.zeroscience.mk/en/vulnerabilities/ZSL-2017-5405.php
Third Party Advisory
SecuriTeam Blogs
https://blogs.securiteam.com/index.php/archives/3094
Exploit
Exploit-DB
https://www.exploit-db.com/exploits/41959/
Exploit
Packet Storm Security
https://packetstormsecurity.com/files/142384
Third Party Advisory
CXSecurity
https://cxsecurity.com/issue/WLB-2017050019
VDB Entry
IBM X-Force Exchange
https://exchange.xforce.ibmcloud.com/vulnerabilities/125644
Third Party Advisory
VulnCheck Advisory: Serviio PRO 1.8 Local Privilege Escalation via Unquoted Path
https://www.vulncheck.com/advisories/serviio-pro-local-privilege-escalation-via-unquoted-path

Scores

CVSS v3 7.8
EPSS 0.0002
EPSS Percentile 4.1%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment
Exploitation poc
Automatable no
Technical Impact total

Details

CWE
CWE-428
Status published
Products (4)
Serviio/Serviio PRO 1.6.1
Serviio/Serviio PRO 1.7.0
Serviio/Serviio PRO 1.7.1
Serviio/Serviio PRO 1.8.0.0 PRO
Published Mar 16, 2026
Tracked Since Mar 16, 2026