CVE-2022-50913
Unquoted Service Path in ITeCProteccioAppServer Enables Privilege Escalation
Publication date: 2026-01-13
Last updated on: 2026-01-13
Assigner: VulnCheck
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| itec | itecproteccioappserver | to 2026-01-13 (inc) |
Exploitability
| CWE ID | Description |
|---|---|
| CWE-428 | The product uses a search path that contains an unquoted element, in which the element contains whitespace or other separators. This can cause the product to access resources in a parent path. |
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability is an unquoted service path issue in the ITeCProteccioAppServer Windows service. Because the service executable path is not enclosed in quotes, a local attacker can place a malicious executable in a directory along the service path. When the service restarts or the system reboots, the system may execute the malicious executable with elevated system privileges, allowing the attacker to run arbitrary code as SYSTEM. [2, 3]
How can this vulnerability impact me?
The vulnerability allows a local attacker to escalate their privileges to SYSTEM level by inserting a malicious executable in the service path. This means the attacker can execute arbitrary code with the highest system privileges, potentially compromising the entire system, accessing sensitive data, or disrupting system operations. [2, 3]
How can this vulnerability be detected on my network or system? Can you suggest some commands?
You can detect this vulnerability by checking the service configuration for unquoted service paths. Specifically, for the ITeCProteccioAppServer service, use the Windows command: sc qc ITeCProteccioAppServer. This command will display the service executable path, and if it is unquoted (e.g., C:\Program Files (x86)\ITeC\LIC\ITeCProteccioAppServer.exe without quotes), the system is vulnerable. Look for unquoted paths that could allow an attacker to place malicious executables in directories referenced by the path. [2]
What immediate steps should I take to mitigate this vulnerability?
Immediate mitigation steps include correcting the service executable path by enclosing it in quotes to prevent path hijacking. This can be done by modifying the service configuration to quote the executable path properly. Additionally, ensure that only trusted users have local access to the system to reduce the risk of malicious executable placement. Restart the service or system after applying the fix to ensure the corrected path is used. [2, 3]
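The detection and mitigation answers above, as an added Python example (not code from the advisory or the vendor): it parses `sc qc` output, flags a binary path that is unquoted and contains spaces, and builds the quoted replacement. The sample output is constructed around the path quoted on this page, the function names are hypothetical, and the `sc config ... binPath=` line is standard sc.exe syntax that the page itself does not give.

```python
import re

# Constructed `sc qc` output: only the BINARY_PATH_NAME value comes from the
# page; the remaining fields are illustrative.
SAMPLE_SC_QC = r"""
[SC] QueryServiceConfig SUCCESS

SERVICE_NAME: ITeCProteccioAppServer
        TYPE               : 10  WIN32_OWN_PROCESS
        START_TYPE         : 2   AUTO_START
        BINARY_PATH_NAME   : C:\Program Files (x86)\ITeC\LIC\ITeCProteccioAppServer.exe
        SERVICE_START_NAME : LocalSystem
"""

def field(output, name):
    """Return the value of one `NAME : value` line from `sc qc` output."""
    m = re.search(rf"^\s*{name}\s*:[ \t]*(.*?)\s*$", output, re.MULTILINE)
    if m is None:
        raise ValueError(f"{name} not found in sc qc output")
    return m.group(1)

def split_image_path(value):
    """Split a binary path into (executable, arguments, was_quoted)."""
    if value.startswith('"') and '"' in value[1:]:
        end = value.index('"', 1)
        return value[1:end], value[end + 1:].strip(), True
    # Unquoted: the executable runs up to the first ".exe" followed by a
    # space or end of string; anything after it is treated as arguments.
    m = re.match(r"(.+?\.exe)(?=\s|$)(.*)", value, re.IGNORECASE)
    if m:
        return m.group(1), m.group(2).strip(), False
    return value, "", False  # no .exe found: treat the whole value as the path

def assess(output):
    """Flag an unquoted path containing spaces and build the quoted form."""
    service = field(output, "SERVICE_NAME")
    raw = field(output, "BINARY_PATH_NAME")
    exe, args, quoted = split_image_path(raw)
    vulnerable = not quoted and " " in exe
    fixed = f'"{exe}"' + (f" {args}" if args else "") if vulnerable else raw
    # sc.exe syntax for an elevated cmd.exe prompt; inner quotes are escaped.
    command = None
    if vulnerable:
        command = 'sc config {} binPath= "{}"'.format(service, fixed.replace('"', '\\"'))
    return {"service": service, "vulnerable": vulnerable,
            "fixed_path": fixed, "fix_command": command}

if __name__ == "__main__":
    for key, value in assess(SAMPLE_SC_QC).items():
        print(f"{key}: {value}")
```

Run `sc qc ITeCProteccioAppServer` again after applying the change and feed the new output to `assess` to confirm the path is no longer flagged.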