CVE-2023-54338
Unquoted Service Path in Tftpd32 SE 4.60 Enables Privilege Escalation
Publication date: 2026-01-13
Last updated on: 2026-01-13
Assigner: VulnCheck
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| pjo2 | tftpd32_se | 4.60 |
Exploitability
| CWE ID | Description |
|---|---|
| CWE-428 | The product uses a search path that contains an unquoted element, in which the element contains whitespace or other separators. This can cause the product to access resources in a parent path. |
AI Powered Q&A
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?
The provided resources do not contain information regarding the impact of this vulnerability on compliance with common standards and regulations such as GDPR or HIPAA.
Can you explain this vulnerability to me?
CVE-2023-54338 is an unquoted service path vulnerability in Tftpd32 SE version 4.60, specifically in the 'Tftpd32_svc' Windows service. Because the service path contains spaces and is not enclosed in quotes, a local attacker can place a malicious executable in a location that Windows might execute instead of the legitimate service binary. This allows the attacker to execute arbitrary code with elevated system-level privileges. [1, 2]
How can this vulnerability impact me?
This vulnerability can allow a local attacker to escalate their privileges to system-level by executing arbitrary code through the unquoted service path. This means the attacker could gain full control over the affected system, potentially compromising confidentiality, integrity, and availability of data and services. [1, 2]
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability can be detected by checking the service path of the 'Tftpd32_svc' Windows service to see if it is unquoted and contains spaces. On a Windows system, you can use the following command to check the service path: `sc qc Tftpd32_svc`. If the path to the executable is unquoted and contains spaces (e.g., `C:\Program Files (x86)\Tftpd32_SE\tftpd32_svc.exe` without quotes), the system is vulnerable to this issue. [2]
What immediate steps should I take to mitigate this vulnerability?
To mitigate this vulnerability, immediately quote the service executable path in the service configuration to prevent execution of malicious executables placed in the path. Alternatively, update or patch the Tftpd32_SE software to a version where this issue is fixed. Restrict local user permissions to prevent unauthorized users from placing executables in the service path directories. Additionally, monitor and audit the service path directories for any suspicious files. [1, 2]
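As an added example for the detection and mitigation steps above (not part of the advisory or of Tftpd32), the following PowerShell audit reads every service's raw ImagePath from the registry, reports the ones that are unquoted and contain whitespace in the executable path (the CWE-428 condition), and with `-Fix` quotes the executable in place. Only the service name `Tftpd32_svc` comes from the page; the audit logic and the `-Fix` switch are the example's own.

```powershell
# Added example, not from the advisory: audit Windows services for an unquoted
# ImagePath whose executable path contains whitespace (CWE-428) and, with -Fix,
# quote the executable portion in place. Run in an elevated session for -Fix.
[CmdletBinding(SupportsShouldProcess)]
param([switch]$Fix)

$root = [Microsoft.Win32.Registry]::LocalMachine.OpenSubKey('SYSTEM\CurrentControlSet\Services')

foreach ($name in $root.GetSubKeyNames()) {
    # Some keys are not readable by non-admins; skip them rather than abort.
    try { $key = $root.OpenSubKey($name, [bool]$Fix) } catch { continue }
    if (-not $key) { continue }

    # Read the raw value (no %SystemRoot% expansion) so we see exactly what the
    # Service Control Manager stores and will later pass to CreateProcess.
    $raw = [string]$key.GetValue('ImagePath', $null,
        [Microsoft.Win32.RegistryValueOptions]::DoNotExpandEnvironmentNames)
    if (-not $raw -or $raw.TrimStart().StartsWith('"')) { $key.Close(); continue }  # absent or already quoted

    # The executable ends at the first ".exe"; the remainder is the argument string.
    # Drivers (.sys) and other non-.exe images do not match and are skipped.
    $m = [regex]::Match($raw, '^(?<exe>\s*.*?\.exe)(?<rest>.*)$', 'IgnoreCase')
    if (-not $m.Success) { $key.Close(); continue }
    $exe  = $m.Groups['exe'].Value.Trim()
    $rest = $m.Groups['rest'].Value

    # Whitespace inside the executable path itself is the vulnerable condition;
    # whitespace only between the path and its arguments ("C:\svc.exe -x") is harmless.
    if ($exe -notmatch '\s') { $key.Close(); continue }

    $fixed = "`"$exe`"$rest"
    [pscustomobject]@{
        Service       = $name
        ImagePath     = $raw
        QuotedPath    = $fixed
        AdvisoryMatch = ($name -eq 'Tftpd32_svc')   # service named in CVE-2023-54338
    }

    if ($Fix -and $PSCmdlet.ShouldProcess($name, "set ImagePath to $fixed")) {
        # Preserve the original value kind (REG_SZ vs REG_EXPAND_SZ) when rewriting.
        $key.SetValue('ImagePath', $fixed, $key.GetValueKind('ImagePath'))
    }
    $key.Close()
}
```

Running it without `-Fix` is a read-only report suitable for fleet-wide inventory; `-Fix -WhatIf` previews the registry change before it is applied.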