CVE-2023-53954

MEDIUM

ActFax 10.10 - Privilege Escalation

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2023-53954. PoCs published by Birkan ALHAN.

AI-analyzed exploit summary This is a writeup describing an unquoted service path vulnerability in ActFax 10.10, where an attacker with write privileges to specific directories can escalate privileges by injecting a malicious executable. The document provides discovery methods and exploitation steps but does not include functional exploit code.

Description

ActFax 10.10 contains an unquoted service path vulnerability that allows local attackers to potentially escalate privileges by exploiting the ActiveFaxServiceNT service configuration. Attackers with write permissions to Program Files directories can inject a malicious ActSrvNT.exe executable to gain elevated system access when the service restarts.

Exploits (1)

exploitdb WRITEUP

by Birkan ALHAN · textlocalwindows

https://www.exploit-db.com/exploits/51332

View Code ZIP pw:eip

This is a writeup describing an unquoted service path vulnerability in ActFax 10.10, where an attacker with write privileges to specific directories can escalate privileges by injecting a malicious executable. The document provides discovery methods and exploitation steps but does not include functional exploit code.

Classification

Writeup 90%

Attack Type

Lpe

Complexity

Trivial

Reliability

Reliable

Target: ActFax 10.10, Build 0551

Auth required

Prerequisites: Write access to 'C:\Program Files\ActiveFax' or 'C:\' · Ability to restart the ActiveFaxServiceNT service

MITRE ATT&CK

T1574.009 - Path Interception by Unquoted Path

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (3)

Core 3

Core References

Exploit, Third Party Advisory exploit

https://www.exploit-db.com/exploits/51332

Various Sources product

https://www.actfax.com

Third Party Advisory third-party-advisory

https://www.vulncheck.com/advisories/actfax-unquoted-path-services-privilege-escalation-vulnerability

Scores

CVSS v3 6.2

EPSS 0.0012

EPSS Percentile 2.1%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

CISA SSVC

Vulnrichment

Exploitation poc

Automatable yes

Technical Impact partial

Details

CWE

CWE-428

Status published

Products (1)

Actfax/ActFax 10.10

Published Dec 19, 2025

Tracked Since Feb 18, 2026