CVE-2019-25292
HIGHAlps HID Monitor Service 8.1.0.10 - Code Injection
Title source: llmDescription
Alps HID Monitor Service 8.1.0.10 contains an unquoted service path vulnerability that allows local attackers to potentially execute arbitrary code with elevated privileges. Attackers can exploit the unquoted path in C:\Program Files\Apoint2K\HidMonitorSvc.exe to inject malicious executables and gain system-level access.
Exploits (1)
exploitdb
WRITEUP
by Héctor Gabriel Chimecatl Hernández · textlocalwindows
https://www.exploit-db.com/exploits/47605
Scores
CVSS v3
7.8
EPSS
0.0001
EPSS Percentile
0.3%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Classification
CWE
CWE-428
Status
draft
Timeline
Published
Feb 06, 2026
Tracked Since
Feb 18, 2026