CVE-2020-37047
Unquoted Service Path in Deep Instinct Agent Enables Privilege Escalation
Publication date: 2026-02-01
Last updated on: 2026-02-01
Assigner: VulnCheck
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| deep_instinct | windows_agent | to 1.2.29.0 (inc) |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-428 | The product uses a search path that contains an unquoted element, in which the element contains whitespace or other separators. This can cause the product to access resources in a parent path. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability is an unquoted service path issue in the DeepMgmtService of Deep Instinct Windows Agent version 1.2.29.0. Because the service executable path "C:\Program Files\HP Sure Sense\DeepMgmtService.exe" is not enclosed in quotes, a local attacker can place a malicious executable in a path segment that the system interprets before the legitimate service path during startup. This allows the attacker to execute arbitrary code with LocalSystem privileges, effectively leading to full system compromise. [1, 2]
How can this vulnerability impact me? :
If exploited, this vulnerability allows a local attacker to execute code with elevated LocalSystem privileges on the affected system. This can lead to privilege escalation, full system compromise, and unauthorized control over the system, impacting confidentiality, integrity, and availability of the system and its data. [1, 2]
How can this vulnerability be detected on my network or system? Can you suggest some commands?
This vulnerability can be detected by inspecting the service configuration for unquoted service paths. Specifically, you can use Windows Management Instrumentation Command-line (WMIC) and Service Control (sc) commands to check the executable path of the 'DeepMgmtService'. Look for the service path "C:\Program Files\HP Sure Sense\DeepMgmtService.exe" and verify if it is unquoted. Commands such as `wmic service where name='DeepMgmtService' get PathName` and `sc qc DeepMgmtService` can be used to view the service executable path and confirm if it is unquoted. [2]
What immediate steps should I take to mitigate this vulnerability?
To mitigate this vulnerability immediately, enclose the service executable path in quotes to prevent the system from misinterpreting the path and executing malicious code. Specifically, update the 'DeepMgmtService' service configuration so that the executable path is quoted, for example: ""C:\Program Files\HP Sure Sense\DeepMgmtService.exe"". Additionally, restrict local user permissions to prevent unauthorized users from placing executables in directories that could be interpreted during service startup. Applying the latest patches or updates from the vendor that address this issue is also recommended. [1]