CVE-2020-37021
Unknown Unknown - Not Provided
Unquoted Service Path in 10-Strike Bandwidth Monitor Enables Privilege Escalation

Publication date: 2026-01-29

Last updated on: 2026-01-29

Assigner: VulnCheck

Description
10-Strike Bandwidth Monitor 3.9 contains an unquoted service path vulnerability in multiple services that allows local attackers to escalate privileges. Attackers can place a malicious executable in specific file path locations to achieve privilege escalation to SYSTEM during service startup.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-01-29
Last Modified
2026-01-29
Generated
2026-06-16
AI Q&A
2026-01-29
EPSS Evaluated
2026-06-15
NVD
CVE-2020-37021
EUVD
EUVD-2020-30924
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
10-strike bandwidth_monitor 3.9
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-428 The product uses a search path that contains an unquoted element, in which the element contains whitespace or other separators. This can cause the product to access resources in a parent path.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

CVE-2020-37021 is an unquoted service path vulnerability in 10-Strike Bandwidth Monitor version 3.9. It affects multiple Windows services that run under the LocalSystem account but have executable paths containing spaces that are not enclosed in quotes. This misconfiguration allows a local attacker with limited privileges to place a malicious executable in certain file path locations. When the service starts, it may execute the malicious code with SYSTEM-level privileges, leading to privilege escalation. [1, 2]

Impact Analysis

This vulnerability can allow a local attacker to escalate their privileges from a limited user to SYSTEM level on the affected machine. This means the attacker could gain full control over the system, potentially leading to unauthorized access, modification, or destruction of data, installation of malware, or disruption of system operations. [1, 2]

Detection Guidance

You can detect this vulnerability by checking for unquoted service paths in the affected services. Specifically, look for services like 'Svc10StrikeBandMontitor', 'Svc10StrikeBMWD', and 'Svc10StrikeBMAgent' whose executable paths contain spaces but are not enclosed in quotes. On a Windows system, you can use the command: sc qc <ServiceName> to query the service configuration and inspect the BINARY_PATH_NAME for unquoted paths. For example, run 'sc qc Svc10StrikeBandMontitor' and check if the path is unquoted. If the path contains spaces and is not enclosed in quotes, the service is vulnerable. [2]

Mitigation Strategies

Immediate mitigation steps include correcting the unquoted service paths by enclosing the executable paths in double quotes to prevent execution of malicious executables placed in unintended locations. Alternatively, restrict local user permissions to prevent placing executables in directories that could be exploited. Applying updates or patches from the vendor, if available, is also recommended. Since the vulnerability allows local privilege escalation, limiting local user access and auditing service configurations are critical immediate steps. [1, 2]

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2020-37021. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart