CVE-2020-37100
Unknown Unknown - Not Provided
Unquoted Service Path in Sync Breeze Enterprise Enables Privilege Escalation

Publication date: 2026-02-03

Last updated on: 2026-02-20

Assigner: VulnCheck

Description
Sync Breeze Enterprise 12.4.18 contains an unquoted service path vulnerability that allows local attackers to execute arbitrary code with elevated system privileges. Attackers can exploit the unquoted binary path by placing malicious executables in specific file system locations to hijack the service startup process.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-02-03
Last Modified
2026-02-20
Generated
2026-06-16
AI Q&A
2026-02-03
EPSS Evaluated
2026-06-15
NVD
CVE-2020-37100
EUVD
EUVD-2020-30976
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
flexense syncbreeze 12.4.18
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-428 The product uses a search path that contains an unquoted element, in which the element contains whitespace or other separators. This can cause the product to access resources in a parent path.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

CVE-2020-37100 is an unquoted service path vulnerability found in Sync Breeze Enterprise version 12.4.18. This vulnerability occurs because the service executable path is not enclosed in quotes, which allows local attackers to place malicious executables in specific file system locations.

When the service starts, the system may mistakenly execute the malicious executable instead of the intended service binary, leading to arbitrary code execution with elevated system privileges.

Impact Analysis

This vulnerability allows a local attacker to escalate their privileges by executing arbitrary code with elevated system privileges.

Because the service runs with the LocalSystem account and is set to auto-start, exploitation can lead to full control over the affected system, potentially compromising confidentiality, integrity, and availability.

Detection Guidance

[{'type': 'paragraph', 'content': 'This vulnerability can be detected by checking for unquoted service paths in the Sync Breeze Enterprise service configuration. Specifically, the service executable path is not enclosed in quotes, which can be identified using Windows command-line tools.'}, {'type': 'list_item', 'content': 'Use the Windows Management Instrumentation Command-line (WMIC) to query the service executable path, for example: wmic service where "name=\'Sync Breeze Enterprise\'" get PathName'}, {'type': 'list_item', 'content': 'Use the Service Control (sc) command to query the service configuration: sc qc "Sync Breeze Enterprise"'}, {'type': 'paragraph', 'content': 'If the executable path returned by these commands is unquoted and contains spaces, it indicates the presence of the unquoted service path vulnerability.'}] [2]

Mitigation Strategies

To mitigate this vulnerability, immediately ensure that the service executable path is properly quoted in the service configuration to prevent execution of malicious binaries placed in the file system.

Additionally, restrict local user permissions to prevent unauthorized users from placing executables in directories that are part of the unquoted service path.

If possible, update or patch Sync Breeze Enterprise to a version where this vulnerability is fixed.

Compliance Impact

The provided information does not specify any direct impact of this vulnerability on compliance with common standards and regulations such as GDPR or HIPAA.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2020-37100. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart