CVE-2019-25269
Unknown Unknown - Not Provided
Unquoted Service Path in Amiti Antivirus Enables Privilege Escalation

Publication date: 2026-02-05

Last updated on: 2026-02-05

Assigner: VulnCheck

Description
Amiti Antivirus 25.0.640 contains an unquoted service path vulnerability in its Windows service configurations. Attackers can exploit the unquoted path to inject and execute malicious code with elevated LocalSystem privileges by placing executable files in specific directory locations.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-02-05
Last Modified
2026-02-05
Generated
2026-06-16
AI Q&A
2026-02-05
EPSS Evaluated
2026-06-15
NVD
CVE-2019-25269
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
netgate amiti_antivirus to 25.0.640 (inc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-428 The product uses a search path that contains an unquoted element, in which the element contains whitespace or other separators. This can cause the product to access resources in a parent path.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

[{'type': 'paragraph', 'content': 'Amiti Antivirus version 25.0.640 contains an unquoted service path vulnerability in its Windows service configurations. This means that the paths to the service executables are not enclosed in quotes, which is problematic because the paths contain spaces.'}, {'type': 'paragraph', 'content': 'Due to this misconfiguration, Windows may incorrectly interpret the service path and execute a malicious executable placed by an attacker in a higher-priority directory, such as "C:\\Program.exe".'}, {'type': 'paragraph', 'content': 'This vulnerability allows an attacker with local access to inject and execute arbitrary code with elevated LocalSystem privileges by placing malicious files in specific directory locations.'}] [2, 3]

Impact Analysis

[{'type': 'paragraph', 'content': 'The vulnerability can lead to local privilege escalation, allowing an attacker to execute arbitrary code with LocalSystem privileges, which is the highest level of privilege on a Windows system.'}, {'type': 'paragraph', 'content': 'An attacker exploiting this flaw can gain full control over the affected system, potentially installing malware, stealing sensitive data, or disrupting system operations.'}, {'type': 'paragraph', 'content': "Since the affected services are set to auto-start and run under the LocalSystem account, the impact is severe and can compromise the entire system's security."}] [2, 3]

Compliance Impact

I don't know

Detection Guidance

[{'type': 'paragraph', 'content': 'This vulnerability can be detected by checking the service configuration for unquoted service paths in Amiti Antivirus services.'}, {'type': 'paragraph', 'content': "Specifically, you can use the Windows command line tool 'sc' to query the service configuration and look for unquoted executable paths."}, {'type': 'list_item', 'content': 'Run the command: sc qc AmitiAvHealth'}, {'type': 'list_item', 'content': 'Run the command: sc qc AmitiAvSrv'}, {'type': 'paragraph', 'content': 'If the binary paths returned by these commands are not enclosed in quotes and contain spaces, the system is vulnerable to this unquoted service path issue.'}] [3]

Mitigation Strategies

To mitigate this vulnerability, you should correct the service executable paths by enclosing them in quotes to prevent Windows from misinterpreting the path.

Alternatively, ensure that no malicious executables exist in directories that could be interpreted as part of the unquoted path.

If possible, update Amiti Antivirus to a version that addresses this vulnerability or apply any vendor-provided patches.

As a temporary measure, restrict local user access to the system to prevent placing malicious executables in the vulnerable path locations.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2019-25269. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart