CVE-2020-36934
Unquoted Service Path in Deep Instinct Agent Enables Privilege Escalation
Publication date: 2026-01-25
Last updated on: 2026-01-25
Assigner: VulnCheck
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| deep_instinct | windows_agent | 1.2.24.0 |
| deep_instinct | deepnetworkservice | 1.2.24.0 |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-428 | The product uses a search path that contains an unquoted element, in which the element contains whitespace or other separators. This can cause the product to access resources in a parent path. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability is an unquoted service path issue in the DeepNetworkService of Deep Instinct Windows Agent version 1.2.24.0. Because the executable path (C:\Program Files\HP Sure Sense\DeepNetworkService.exe) is not enclosed in quotes, local users can exploit this by placing malicious executables in directories along the unquoted path. When the service starts, the system may execute the malicious code with elevated LocalSystem privileges, allowing privilege escalation. [3, 4]
How can this vulnerability impact me? :
If exploited, this vulnerability allows a local attacker to execute arbitrary code with elevated LocalSystem privileges on the affected system. This means the attacker can gain high-level control over the system, potentially compromising confidentiality, integrity, and availability of the system and its data. [3, 4]
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability can be detected by checking for unquoted service paths on the affected system, specifically for the DeepNetworkService executable path: C:\Program Files\HP Sure Sense\DeepNetworkService.exe. On Windows systems, you can use the following command in an elevated command prompt or PowerShell to list services with unquoted paths containing spaces: PowerShell: Get-WmiObject win32_service | Where-Object { $_.PathName -like '* *' -and $_.PathName -notlike '"*"' } | Select-Object Name, PathName This command lists services whose executable paths contain spaces but are not enclosed in quotes, which is the condition for this vulnerability. You should specifically look for the DeepNetworkService service in the output to confirm if it is vulnerable. [3, 4]
What immediate steps should I take to mitigate this vulnerability?
To mitigate this vulnerability immediately, you should correct the unquoted service path by enclosing the executable path in quotes. This prevents the system from misinterpreting the path and executing malicious code placed in directories along the path. Specifically, update the DeepNetworkService service configuration to use the quoted path: "C:\Program Files\HP Sure Sense\DeepNetworkService.exe". Additionally, restrict local user permissions to prevent unauthorized users from placing executables in directories along the service path. If possible, apply any vendor patches or updates addressing this issue. As a temporary measure, monitor and audit the directories in the service path for unauthorized files. [3, 4]
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:
The provided resources do not contain information regarding the impact of this vulnerability on compliance with common standards and regulations such as GDPR or HIPAA.