CVE-2019-25287
Unknown Unknown - Not Provided
Unquoted Service Path in Adaware Web Companion Enables Privilege Escalation

Publication date: 2026-02-05

Last updated on: 2026-02-05

Assigner: VulnCheck

Description
Adaware Web Companion version 4.8.2078.3950 contains an unquoted service path vulnerability in the WCAssistantService that allows local users to potentially execute code with elevated privileges. Attackers can exploit the unquoted path in C:\Program Files (x86)\Lavasoft\Web Companion\Application\ to inject malicious code that would execute with LocalSystem privileges during service startup.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-02-05
Last Modified
2026-02-05
Generated
2026-06-16
AI Q&A
2026-02-05
EPSS Evaluated
2026-06-14
NVD
CVE-2019-25287
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
lavasoft web_companion to 4.8.2078.3950 (inc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-428 The product uses a search path that contains an unquoted element, in which the element contains whitespace or other separators. This can cause the product to access resources in a parent path.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

Adaware Web Companion version 4.8.2078.3950 contains an unquoted service path vulnerability in the WCAssistantService. This means that the service executable path, which includes spaces, is not enclosed in quotes. Because of this, a local attacker can place malicious executables in directories along the service path. When the service starts, the system may execute the malicious code instead of the legitimate service executable.

This vulnerability allows local users to execute arbitrary code with elevated privileges, specifically with LocalSystem privileges, which is a very high level of access on the system.

Impact Analysis

If exploited, this vulnerability allows a local attacker to run arbitrary code with LocalSystem privileges. This means the attacker can gain full control over the affected system, potentially installing malware, stealing sensitive data, modifying system configurations, or disrupting system availability.

Because the attack requires local access and the ability to write files to certain directories, it is primarily a local privilege escalation vulnerability. However, once exploited, the impact on confidentiality, integrity, and availability of the system is high.

Compliance Impact

I don't know

Detection Guidance

[{'type': 'paragraph', 'content': "This vulnerability can be detected by checking the service configuration for unquoted service paths, specifically for the 'WCAssistantService'."}, {'type': 'paragraph', 'content': 'Commands such as Windows Management Instrumentation Command-line (WMIC) and Service Control (sc) can be used to query the service details and confirm the unquoted path.'}, {'type': 'list_item', 'content': 'Use WMIC to query the service path: wmic service where "name=\'WCAssistantService\'" get PathName'}, {'type': 'list_item', 'content': 'Use sc qc command to query the service configuration: sc qc WCAssistantService'}, {'type': 'paragraph', 'content': 'If the executable path returned contains spaces and is not enclosed in quotes, the service is vulnerable to this unquoted service path issue.'}] [2]

Mitigation Strategies

[{'type': 'paragraph', 'content': 'To mitigate this vulnerability, immediately ensure that the service executable path is properly quoted to prevent execution of malicious code.'}, {'type': 'paragraph', 'content': 'Specifically, update the service configuration to enclose the executable path in double quotes, for example: "C:\\Program Files (x86)\\Lavasoft\\Web Companion\\Application\\Lavasoft.WCAssistant.WinService.exe".'}, {'type': 'paragraph', 'content': 'Additionally, restrict write permissions on directories in the service path to prevent attackers from placing malicious executables.'}, {'type': 'paragraph', 'content': 'If possible, update or patch Adaware Web Companion to a version that addresses this vulnerability.'}] [1, 2]

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2019-25287. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart