CVE-2023-53984
Unknown Unknown - Not Provided
Unquoted Service Path in Clevo HotKey Clipboard Enables Privilege Escalation

Publication date: 2026-01-13

Last updated on: 2026-01-13

Assigner: VulnCheck

Description
Clevo HotKey Clipboard 2.1.0.6 contains an unquoted service path vulnerability in the HKClipSvc service that allows local non-privileged users to potentially execute code with system privileges. Attackers can exploit the misconfigured service path to inject and execute arbitrary code by placing malicious executables in specific file system locations.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-01-13
Last Modified
2026-01-13
Generated
2026-06-16
AI Q&A
2026-01-14
EPSS Evaluated
2026-06-15
NVD
CVE-2023-53984
Affected Vendors & Products
Showing 2 associated CPEs
Vendor Product Version / Range
clevo hotkey_clipboard 2.1.0.6
clevo control_center 3.0
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-428 The product uses a search path that contains an unquoted element, in which the element contains whitespace or other separators. This can cause the product to access resources in a parent path.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

CVE-2023-53984 is a local privilege escalation vulnerability in Clevo HotKey Clipboard version 2.1.0.6 caused by an unquoted service path in the HKClipSvc Windows service. Because the service path contains spaces but is not enclosed in quotes, a local non-privileged user can place a malicious executable in certain locations that the system will execute with system-level privileges when starting the service. This allows the attacker to run arbitrary code with system privileges. [1, 3]

Impact Analysis

This vulnerability allows a local attacker with limited privileges to escalate their privileges to system level by executing arbitrary code. This can lead to full control over the affected system, compromising confidentiality, integrity, and availability of data and system resources. [1, 3]

Detection Guidance

This vulnerability can be detected by checking the service path of the HKClipSvc Windows service for unquoted paths containing spaces. On a Windows system, you can use the following command in an elevated command prompt or PowerShell to check the service path: sc qc HKClipSvc. If the path to the executable is unquoted and contains spaces (e.g., C:\Program Files (x86)\ControlCenter\Driver\x64\HKClipSvc.exe without quotes), the system is vulnerable. Additionally, you can use PowerShell to query the service path and inspect it for unquoted spaces. [3]

Mitigation Strategies

Immediate mitigation steps include correcting the service path by adding quotes around the executable path in the HKClipSvc service configuration to prevent execution of malicious executables. Alternatively, you can temporarily disable the HKClipSvc service to prevent exploitation until a patched version is available. Ensuring that local users do not have write permissions to directories in the service path can also reduce risk. [1, 3]

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2023-53984. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart