CVE-2019-25302
Unquoted Service Path in Acer Launch Manager Enables Privilege Escalation
Publication date: 2026-02-06
Last updated on: 2026-02-06
Assigner: VulnCheck
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| acer | launch_manager | 6.1.7600.16385 |
| acer | launch_manager | to 6.1.7600.16385 (inc) |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-428 | The product uses a search path that contains an unquoted element, in which the element contains whitespace or other separators. This can cause the product to access resources in a parent path. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
[{'type': 'paragraph', 'content': "This vulnerability exists in Acer Launch Manager version 6.1.7600.16385 within the 'DsiWMIService' Windows service. The service executable path is unquoted, specifically at C:\\Program Files (x86)\\Launch Manager\\dsiwmis.exe. Because the path is not enclosed in quotes, the system may misinterpret it and allow local attackers to place malicious executables in directories along this path."}, {'type': 'paragraph', 'content': 'When the service starts, the system might execute the malicious code with elevated, system-level privileges, enabling the attacker to run arbitrary code with high permissions.'}] [1, 2]
How can this vulnerability impact me? :
This vulnerability can allow a local attacker with low privileges to execute arbitrary code with system-level (elevated) privileges. This means the attacker could gain full control over the affected system, potentially compromising confidentiality, integrity, and availability of data and system resources.
- Execution of malicious code with system privileges.
- Potential full system compromise.
- Unauthorized access to sensitive data.
- Disruption or denial of service due to malicious actions.
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:
I don't know
How can this vulnerability be detected on my network or system? Can you suggest some commands?
[{'type': 'paragraph', 'content': "This vulnerability can be detected by checking the service executable path for unquoted spaces in the Windows service configuration, specifically for the 'DsiWMIService'."}, {'type': 'paragraph', 'content': 'A common method is to query the service path using Windows command line tools and verify if the path is enclosed in quotes.'}, {'type': 'list_item', 'content': 'Run the command: sc qc DsiWMIService'}, {'type': 'list_item', 'content': 'Check the output for the BINARY_PATH_NAME field to see if the path "C:\\Program Files (x86)\\Launch Manager\\dsiwmis.exe" is unquoted.'}, {'type': 'paragraph', 'content': 'If the path is not enclosed in quotes, the system is vulnerable to this unquoted service path issue.'}] [1, 2]
What immediate steps should I take to mitigate this vulnerability?
[{'type': 'paragraph', 'content': 'To mitigate this vulnerability, immediately enclose the service executable path in quotes to prevent the system from misinterpreting the path and executing malicious code.'}, {'type': 'paragraph', 'content': 'Specifically, update the \'DsiWMIService\' service configuration so that the binary path is set to ""C:\\Program Files (x86)\\Launch Manager\\dsiwmis.exe"" instead of an unquoted path.'}, {'type': 'paragraph', 'content': 'This can be done by using the following command with administrative privileges:'}, {'type': 'list_item', 'content': 'sc config DsiWMIService binPath= ""C:\\Program Files (x86)\\Launch Manager\\dsiwmis.exe""'}, {'type': 'paragraph', 'content': 'Additionally, ensure that no malicious executables exist in directories along the unquoted path and restrict write permissions to these directories to trusted users only.'}, {'type': 'paragraph', 'content': 'If possible, update or patch the Launch Manager software to a version that addresses this vulnerability.'}] [1, 2]