CVE-2021-47974

HIGH

VX Search 13.5.28 Unquoted Service Path Privilege Escalation

Title source: cna

Exploitation Summary

EIP tracks 1 public exploit for CVE-2021-47974. PoCs published by Brian Rodriguez.

AI-analyzed exploit summary: This is a technical writeup detailing the discovery of an unquoted service path vulnerability in VX Search 13.5.28. It includes steps to identify the vulnerability using Windows commands and confirms the presence of vulnerable services.

Description

VX Search 13.5.28 contains an unquoted service path vulnerability in both VX Search Server and VX Search Enterprise services that allows local attackers to escalate privileges. Attackers can place malicious executables in unquoted path directories like C:\Program Files\VX Search to execute arbitrary code with LocalSystem privileges when services restart.

Exploits (1)

exploitdb WRITEUP
by Brian Rodriguez · text · local · windows
https://www.exploit-db.com/exploits/50026

Classification: Writeup 90%
Attack Type: LPE
Complexity: Trivial
Reliability: Reliable
Target: VX Search 13.5.28
No auth needed
Prerequisites: Access to the target system · Ability to execute commands
devstral-2 · analyzed May 16, 2026

References (3)

Core References
Exploit: ExploitDB-50026
https://www.exploit-db.com/exploits/50026
Product: Official Product Homepage
https://www.vxsearch.com
Third Party Advisory: VulnCheck Advisory: VX Search 13.5.28 Unquoted Service Path Privilege Escalation
https://www.vulncheck.com/advisories/vx-search-unquoted-service-path-privilege-escalation

Scores

CVSS v3 7.8
EPSS 0.0012
EPSS Percentile 2.2%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment
Exploitation poc
Automatable no
Technical Impact total

Details

CWE
CWE-428
Status published
Products (1)
Vxsearch/VX Search 13.5.28
Published May 16, 2026
Tracked Since May 16, 2026