CVE-2024-57276

HIGH Year: 2024
CVSS v3 Score
7.3
High
Weakness Type
CWE-428
View all →

Vulnerability Description

In Electronic Arts Dragon Age Origins 1.05, the DAUpdaterSVC service contains an unquoted service path vulnerability. This service is configured with insecure permissions, allowing users to modify the executable file path used by the service. The service runs with NT AUTHORITY\SYSTEM privileges, enabling attackers to escalate privileges by replacing or placing a malicious executable in the service path.

Related Vulnerabilities

CVE-2017-7180

HIGH
CVSS:7.3(High)

Net Monitor for Employees Pro through 5.3.4 has an unquoted service path, which allows a Security Feature Bypass of its documented "Block applications" design goal. The local attacker must have privil...

CWE-4282017

CVE-2021-0112

HIGH
CVSS:7.3(High)

Unquoted service path in the Intel Unite(R) Client for Windows before version 4.2.25031 may allow an authenticated user to potentially enable an escalation of privilege via local access.

CWE-4282021

CVE-2022-36384

HIGH
CVSS:7.3(High)

Unquoted search path in the installer software for some Intel(r) NUC Kit Wireless Adapter drivers for Windows 10 before version 22.40 may allow an authenticated user to potentially enable escalation o...

CWE-4282022

CVE-2023-22282

HIGH
CVSS:7.3(High)

WAB-MAT Ver.5.0.0.8 and earlier starts another program with an unquoted file path. Since a registered Windows service path contains spaces and are unquoted, if a malicious executable is placed on a ce...

CWE-4282023

CVE-2023-22841

HIGH
CVSS:7.3(High)

Unquoted search path in the software installer for the System Firmware Update Utility (SysFwUpdt) for some Intel(R) Server Boards and Intel(R) Server Systems Based on Intel(R) 621A Chipset before vers...

CWE-4282023

CVE-2023-29165

HIGH
CVSS:7.3(High)

Unquoted search path or element in some Intel(R) Arc(TM) Control software before version 1.73.5335.2 may allow an authenticated user to potentially enable escalation of privilege via local access.

CWE-4282023