CVE-2020-36934
Unknown Unknown - Not Provided
Unquoted Service Path in Deep Instinct Agent Enables Privilege Escalation

Publication date: 2026-01-25

Last updated on: 2026-01-25

Assigner: VulnCheck

Description
Deep Instinct Windows Agent 1.2.24.0 contains an unquoted service path vulnerability in the DeepNetworkService that allows local users to potentially execute code with elevated privileges. Attackers can exploit the unquoted path in C:\Program Files\HP Sure Sense\DeepNetworkService.exe to inject malicious code that would execute with LocalSystem permissions during service startup.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-01-25
Last Modified
2026-01-25
Generated
2026-06-16
AI Q&A
2026-01-25
EPSS Evaluated
2026-06-15
NVD
CVE-2020-36934
EUVD
EUVD-2026-4640
Affected Vendors & Products
Showing 2 associated CPEs
Vendor Product Version / Range
deep_instinct windows_agent 1.2.24.0
deep_instinct deepnetworkservice 1.2.24.0
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-428 The product uses a search path that contains an unquoted element, in which the element contains whitespace or other separators. This can cause the product to access resources in a parent path.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

This vulnerability is an unquoted service path issue in the DeepNetworkService of Deep Instinct Windows Agent version 1.2.24.0. Because the executable path (C:\Program Files\HP Sure Sense\DeepNetworkService.exe) is not enclosed in quotes, local users can exploit this by placing malicious executables in directories along the unquoted path. When the service starts, the system may execute the malicious code with elevated LocalSystem privileges, allowing privilege escalation. [3, 4]

Impact Analysis

If exploited, this vulnerability allows a local attacker to execute arbitrary code with elevated LocalSystem privileges on the affected system. This means the attacker can gain high-level control over the system, potentially compromising confidentiality, integrity, and availability of the system and its data. [3, 4]

Detection Guidance

This vulnerability can be detected by checking for unquoted service paths on the affected system, specifically for the DeepNetworkService executable path: C:\Program Files\HP Sure Sense\DeepNetworkService.exe. On Windows systems, you can use the following command in an elevated command prompt or PowerShell to list services with unquoted paths containing spaces: PowerShell: Get-WmiObject win32_service | Where-Object { $_.PathName -like '* *' -and $_.PathName -notlike '"*"' } | Select-Object Name, PathName This command lists services whose executable paths contain spaces but are not enclosed in quotes, which is the condition for this vulnerability. You should specifically look for the DeepNetworkService service in the output to confirm if it is vulnerable. [3, 4]

Mitigation Strategies

To mitigate this vulnerability immediately, you should correct the unquoted service path by enclosing the executable path in quotes. This prevents the system from misinterpreting the path and executing malicious code placed in directories along the path. Specifically, update the DeepNetworkService service configuration to use the quoted path: "C:\Program Files\HP Sure Sense\DeepNetworkService.exe". Additionally, restrict local user permissions to prevent unauthorized users from placing executables in directories along the service path. If possible, apply any vendor patches or updates addressing this issue. As a temporary measure, monitor and audit the directories in the service path for unauthorized files. [3, 4]

Compliance Impact

The provided resources do not contain information regarding the impact of this vulnerability on compliance with common standards and regulations such as GDPR or HIPAA.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2020-36934. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart