CVE-2019-25274
Unquoted Service Path in ProShow Producer Allows Local Code Execution
Publication date: 2026-02-05
Last updated on: 2026-02-05
Assigner: VulnCheck
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| photodex | proshow_producer | 9.0.3797 |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-428 | The product uses a search path that contains an unquoted element, in which the element contains whitespace or other separators. This can cause the product to access resources in a parent path. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
[{'type': 'paragraph', 'content': 'CVE-2019-25274 is an unquoted service path vulnerability found in ProShow Producer version 9.0.3797, specifically in the ScsiAccess Windows service.'}, {'type': 'paragraph', 'content': "Because the service's binary path contains spaces and is not enclosed in quotes, a local attacker can exploit this by placing a malicious executable in a location that the system mistakenly interprets as the service executable path."}, {'type': 'paragraph', 'content': 'When the service starts, the malicious executable can be run with LocalSystem privileges, allowing the attacker to execute arbitrary code with elevated rights.'}] [1, 2]
How can this vulnerability impact me? :
This vulnerability can allow a local attacker to escalate their privileges by executing arbitrary code with LocalSystem privileges on the affected system.
Such elevated privileges can lead to full control over the system, including the ability to modify system files, install malware, or access sensitive data.
Because the attack requires local access, it primarily impacts users or attackers who already have some level of access to the machine.
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:
I don't know
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability can be detected by checking the service configuration for the ScsiAccess service to see if its binary path is unquoted and contains spaces. Specifically, you want to verify if the service path is something like: C:\Program Files\Photodex\ProShow Producer\ScsiAccess.exe without quotation marks.
On a Windows system, you can use the following command to check the binary path of the ScsiAccess service:
- sc qc ScsiAccess
If the BINARY_PATH_NAME output shows an unquoted path with spaces, the system is vulnerable to this unquoted service path issue.
Additionally, you can manually inspect the service path in the Windows Registry under: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\ScsiAccess
What immediate steps should I take to mitigate this vulnerability?
[{'type': 'paragraph', 'content': 'To mitigate this vulnerability, you should correct the unquoted service path by enclosing the binary path of the ScsiAccess service in quotation marks. This prevents the system from misinterpreting the path and executing malicious executables placed in intermediate directories.'}, {'type': 'paragraph', 'content': 'You can do this by editing the service configuration or the registry entry for the ScsiAccess service to ensure the binary path is quoted, for example:'}, {'type': 'list_item', 'content': '"C:\\Program Files\\Photodex\\ProShow Producer\\ScsiAccess.exe"'}, {'type': 'paragraph', 'content': 'After making this change, restart the service or reboot the system to apply the fix.'}, {'type': 'paragraph', 'content': 'Additionally, ensure that only trusted users have write permissions to the directories in the service path to prevent placing malicious executables.'}] [1, 2]