CVE-2019-25308
Unquoted Service Path Vulnerability in Mikogo Service Enables Privilege Escalation
Publication date: 2026-02-11
Last updated on: 2026-02-26
Assigner: VulnCheck
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| mikogo | mikogo | 5.2.150317 |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-428 | The product uses a search path that contains an unquoted element, in which the element contains whitespace or other separators. This can cause the product to access resources in a parent path. |
Attack-Flow Graph
AI Powered Q&A
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability can be detected by checking the Mikogo-Service Windows service configuration for unquoted service paths, especially paths containing spaces.
A common method is to query the service path using Windows command line tools and inspect if the executable path is unquoted.
- Run the command: sc qc Mikogo-Service
- Check the BINARY_PATH_NAME output for unquoted paths containing spaces, such as: C:\Users\Administrator\AppData\Roaming\Mikogo\Mikogo-Service.exe
If the path is unquoted and contains spaces, the service is vulnerable to this unquoted service path privilege escalation.
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:
I don't know
Can you explain this vulnerability to me?
[{'type': 'paragraph', 'content': "CVE-2019-25308 is an unquoted service path vulnerability in the Mikogo-Service Windows service configuration of Mikogo version 5.2.2.150317. Because the service path contains spaces and is not enclosed in quotes, an attacker with local privileges can place malicious executable files in specific directories. When the service starts, the system may mistakenly execute the attacker's malicious code instead of the legitimate service executable."}, {'type': 'paragraph', 'content': 'This vulnerability allows the attacker to execute arbitrary code with LocalSystem privileges, which is the highest level of privilege on a Windows system.'}] [1, 2]
How can this vulnerability impact me? :
Exploitation of this vulnerability can lead to local privilege escalation, allowing an attacker to execute arbitrary code with LocalSystem privileges.
This means the attacker can gain full control over the affected system, potentially compromising confidentiality, integrity, and availability of data and system resources.
What immediate steps should I take to mitigate this vulnerability?
[{'type': 'paragraph', 'content': 'To mitigate this vulnerability, immediately update the Mikogo-Service Windows service configuration to properly quote the service executable path.'}, {'type': 'paragraph', 'content': 'Specifically, enclose the full path to Mikogo-Service.exe in double quotes to prevent the system from misinterpreting the path and executing malicious code.'}, {'type': 'list_item', 'content': 'Use the command: sc config Mikogo-Service binPath= ""C:\\Users\\Administrator\\AppData\\Roaming\\Mikogo\\Mikogo-Service.exe""'}, {'type': 'paragraph', 'content': 'Additionally, ensure that no unauthorized executables exist in directories along the service path that could be executed by the system.'}, {'type': 'paragraph', 'content': 'If possible, update Mikogo to a version where this vulnerability is fixed or apply vendor-provided patches.'}] [2]