CVE-2021-47867
Unquoted Service Path Vulnerability in WIN-PACK PRO4.8 ScheduleService
Publication date: 2026-01-21
Last updated on: 2026-01-21
Assigner: VulnCheck
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| honeywell | winpakpro | 4.8 |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-428 | The product uses a search path that contains an unquoted element, in which the element contains whitespace or other separators. This can cause the product to access resources in a parent path. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability is an unquoted service path issue in WIN-PACK PRO version 4.8's ScheduleService. The executable path for the service contains spaces but is not enclosed in quotes, specifically at 'C:\Program Files (x86)\WINPAKPRO\ScheduleService Service.exe'. Because of this, a local attacker can place a malicious executable in a location that the system might mistakenly execute instead of the intended service executable. When the service starts, the malicious code runs with elevated system privileges, allowing the attacker to escalate their privileges on the system. [1, 2]
How can this vulnerability impact me? :
If exploited, this vulnerability allows a local attacker to execute arbitrary code with elevated system privileges. This means the attacker can gain higher-level access than normally permitted, potentially compromising the entire system by running malicious code during the service startup. This could lead to unauthorized control over the system, data theft, or further attacks. [1, 2]
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability can be detected by checking for unquoted service paths in Windows services, specifically looking for the ScheduleService executable path. Commands such as WMIC and sc can be used to identify services with unquoted paths that start automatically. For example, using WMIC: `wmic service get name,pathname,startmode | findstr /i "ScheduleService"` or using sc to query the service configuration can help detect the unquoted path vulnerability. [1]
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation steps include correcting the service executable path by enclosing it in quotes to prevent the unquoted service path vulnerability. This involves modifying the service configuration to ensure the path `C:\Program Files (x86)\WINPAKPRO\ScheduleService Service.exe` is properly quoted. Additionally, restricting local user permissions to prevent placing malicious executables in the service path directories can reduce risk until a patch or update is applied. [1, 2]