CVE-2021-47803
BaseFortify
Publication date: 2026-01-16
Last updated on: 2026-01-16
Assigner: VulnCheck
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| ifunbox | ifunbox | 4.2 |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-428 | The product uses a search path that contains an unquoted element, in which the element contains whitespace or other separators. This can cause the product to access resources in a parent path. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2021-47803 is an unquoted service path vulnerability in iFunbox version 4.2's Apple Mobile Device Service. Because the service executable path is not enclosed in quotes, a local attacker can place a malicious executable in a directory along the service path. When the service restarts, the operating system may execute the malicious executable with LocalSystem privileges, allowing the attacker to run arbitrary code with elevated privileges. [1, 3]
How can this vulnerability impact me? :
This vulnerability can lead to local privilege escalation. An attacker with local access can execute arbitrary code with LocalSystem privileges by placing a malicious executable in the unquoted service path. This can compromise the affected system by allowing unauthorized actions with high-level permissions. [1, 3]
How can this vulnerability be detected on my network or system? Can you suggest some commands?
You can detect this vulnerability by checking if the Apple Mobile Device Service executable path is unquoted. On a Windows system, use the command: sc qc "Apple Mobile Device Service" to query the service configuration and inspect the BINARY_PATH_NAME for unquoted paths. If the path contains spaces and is not enclosed in quotes, the system is vulnerable. Additionally, you can manually check the service executable path, typically: C:\Program Files (x86)\i-Funbox DevTeam\Mobile Device Support\AppleMobileDeviceService.exe, to confirm if it is unquoted. [3]
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation involves correcting the unquoted service path by enclosing the executable path in quotes to prevent execution of malicious executables placed in the path. Alternatively, restrict local user permissions to prevent placing executables in the service path directories. Restarting the service after fixing the path ensures the fix takes effect. Also, monitor and restrict local access to the system to reduce risk of exploitation. [1, 3]