CVE-2022-50921
Unquoted Service Path in WOW21 5.0.1.9 Enables Privilege Escalation
Publication date: 2026-01-13
Last updated on: 2026-02-02
Assigner: VulnCheck
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| unknown_vendor | wow21 | 5.0.1.9 |
| unknown_vendor | wow21 | From 5.0.1.9 (inc) |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-428 | The product uses a search path that contains an unquoted element, in which the element contains whitespace or other separators. This can cause the product to access resources in a parent path. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
CVE-2022-50921 is an unquoted service path vulnerability in WOW21 version 5.0.1.9. This means the service executable path is not enclosed in quotes, which can allow a local attacker to place a malicious executable in a location that the system mistakenly executes instead of the intended service binary. When the service starts, it runs the malicious executable with elevated LocalSystem privileges, potentially allowing arbitrary code execution with high system privileges. [1, 2]
How can this vulnerability impact me? :
This vulnerability can allow a local attacker with limited privileges to escalate their privileges to LocalSystem level by exploiting the unquoted service path. This means the attacker can execute arbitrary code with the highest system privileges, potentially leading to full system compromise, unauthorized access, and control over the affected machine. [1, 2]
How can this vulnerability be detected on my network or system? Can you suggest some commands?
You can detect this vulnerability by checking if the WOW21_Service has an unquoted service path. On a Windows system, use the command: sc qc WOW21_Service. This will display the service configuration including the binary path. If the path to the executable is unquoted and contains spaces (e.g., C:\Program Files\WOW21\WOW21_Service.exe without quotes), the system is vulnerable to this unquoted service path issue. [1, 2]
What immediate steps should I take to mitigate this vulnerability?
To mitigate this vulnerability, immediately quote the service binary path in the service configuration to prevent the system from misinterpreting the path. This can be done by editing the service configuration to enclose the executable path in double quotes. Alternatively, update WOW21 to a version where this vulnerability is fixed or remove the vulnerable service if it is not needed. Restrict local user permissions to prevent unauthorized modification of directories in the service path. [1, 2]