Description
The ExacqVision Server services 'exacqVisionServer', 'dvrdhcpserver' and 'mdnsresponder' have an unquoted service path. If an authenticated user is able to insert code in their system root path, it can potentially be executed during application startup. This could allow the authenticated user to elevate privileges on the system. This issue affects: Exacq Technologies, Inc. exacqVision Server 9.6; 9.8. This issue does not affect: Exacq Technologies, Inc. exacqVision Server version 9.4 and prior versions; 19.03. It is not known whether this issue affects: Exacq Technologies, Inc. exacqVision Server versions prior to 8.4.
References (6)
Core References
Exploit, Third Party Advisory, VDB Entry x_refsource_misc
https://packetstormsecurity.com/files/152128/exacqVision-9.8-Unquoted-Service-Path-Privilege-Escalation.html
Third Party Advisory x_refsource_misc
https://www.zeroscience.mk/en/vulnerabilities/ZSL-2019-5515.php
Patch, Third Party Advisory x_refsource_misc
https://gallery.technet.microsoft.com/scriptcenter/Windows-Unquoted-Service-190f0341
Third Party Advisory, US Government Resource x_refsource_misc
https://www.us-cert.gov/ics/advisories/icsa-19-199-01
Mitigation, Vendor Advisory x_refsource_confirm
https://www.johnsoncontrols.com/cyber-solutions/security-advisories
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/109307
Scores
CVSS v3: 6.7
EPSS: 0.0083
EPSS Percentile: 52.5%
Attack Vector: LOCAL
CVSS:3.0/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H
Details
CWE: CWE-428
Status: published
Products (2)
johnsoncontrols/exacqvision_server 9.6
johnsoncontrols/exacqvision_server 9.8
Published: Jul 19, 2019
Tracked Since: Feb 18, 2026