CVE-2022-50938
Unknown Unknown - Not Provided
Unquoted Service Path in CONTPAQi AdminPAQ Allows Privilege Escalation

Publication date: 2026-01-13

Last updated on: 2026-01-13

Assigner: VulnCheck

Description
CONTPAQi AdminPAQ 14.0.0 contains an unquoted service path vulnerability in the AppKeyLicenseServer service running with LocalSystem privileges. Attackers can exploit the unquoted path to inject malicious code in the service binary path, potentially executing arbitrary code with elevated system privileges during service startup.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-01-13
Last Modified
2026-01-13
Generated
2026-06-16
AI Q&A
2026-01-14
EPSS Evaluated
2026-06-14
NVD
CVE-2022-50938
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
contpaq adminpaq 14.0.0
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-428 The product uses a search path that contains an unquoted element, in which the element contains whitespace or other separators. This can cause the product to access resources in a parent path.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

CVE-2022-50938 is an unquoted service path vulnerability in the AppKeyLicenseServer service of CONTPAQi AdminPAQ version 14.0.0. The service runs with LocalSystem privileges and its executable path contains spaces but is not enclosed in quotes. This allows a local attacker to place a malicious executable in a higher-level directory in the path hierarchy. When the service starts, the system may execute the attacker's malicious code instead of the legitimate service binary, leading to arbitrary code execution with elevated system privileges. [1, 2]

Impact Analysis

This vulnerability can allow a local attacker to escalate privileges by executing arbitrary code with LocalSystem privileges on the affected system. This means the attacker can gain full control over the system, potentially compromising confidentiality, integrity, and availability of data and system resources without detection by the operating system or security software. [1, 2]

Detection Guidance

You can detect the unquoted service path vulnerability by checking the service executable path for unquoted paths containing spaces. For the AppKeyLicenseServer service, verify if the service path is unquoted. On Windows, you can use the command: sc qc AppKeyLicenseServer_CONTPAQi and inspect the BINARY_PATH_NAME for unquoted paths with spaces. Alternatively, use PowerShell: Get-WmiObject win32_service | Where-Object { $_.Name -eq 'AppKeyLicenseServer_CONTPAQi' } | Select-Object Name, PathName and check if the PathName is unquoted and contains spaces. If the path is unquoted and contains spaces, the system is vulnerable. [1, 2]

Mitigation Strategies

Immediate mitigation involves correcting the unquoted service path by enclosing the executable path in double quotes to prevent malicious code injection. Specifically, update the AppKeyLicenseServer service's binary path to be quoted, for example: "C:\Program Files (x86)\Compac\Servidor de Licencias\AppkeyLicenseServer\AppKeyLicenseServer.exe". Additionally, restrict local user permissions to prevent placing executables in higher-level directories and consider applying any available patches or updates from the vendor. Reboot the system after making changes to ensure the fix takes effect. [1, 2]

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2022-50938. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart