CVE-2021-47945
Received Received - Intake
Argus Surveillance DVR 4.0 Unquoted Service Path Privilege Escalation

Publication date: 2026-05-10

Last updated on: 2026-05-10

Assigner: VulnCheck

Description
Argus Surveillance DVR 4.0 contains an unquoted service path vulnerability in the DVRWatchdog service that allows local attackers to escalate privileges by exploiting the service binary path. Attackers can place a malicious executable in the Program Files directory to be executed with LocalSystem privileges when the service starts.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-05-10
Last Modified
2026-05-10
Generated
2026-06-21
AI Q&A
2026-05-10
EPSS Evaluated
2026-06-20
NVD
CVE-2021-47945
EUVD
EUVD-2021-34805
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
argus surveillance_dvr 4.0
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-428 The product uses a search path that contains an unquoted element, in which the element contains whitespace or other separators. This can cause the product to access resources in a parent path.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

CVE-2021-47945 is an unquoted service path vulnerability found in Argus Surveillance DVR 4.0's DVRWatchdog service. This vulnerability occurs because the service's executable path is not enclosed in quotes, allowing local attackers to exploit the path parsing behavior in Windows.

An attacker can place a malicious executable in a directory with a name that matches a prefix of the service path, such as "C:\Program.exe", which will be executed with LocalSystem privileges when the service starts. This effectively allows the attacker to escalate their privileges on the affected system.

Impact Analysis

This vulnerability allows local attackers to escalate their privileges to LocalSystem level by exploiting the unquoted service path. Once exploited, the attacker can execute malicious code with the highest system privileges.

  • Attackers can gain full control over the affected system.
  • They can install persistent malware or backdoors.
  • They can bypass security restrictions and access sensitive data.
  • The system's integrity and availability can be compromised.
Detection Guidance

This vulnerability can be detected by checking the service configuration for unquoted service paths, specifically for the DVRWatchdog service used by Argus Surveillance DVR 4.0.

On a Windows system, you can query the service configuration to identify if the binary path is unquoted. For example, using the command:

  • sc qc "Argus Surveillance DVR Watchdog"

This command will display the service's binary path. If the path is not enclosed in quotes and contains spaces (e.g., C:\Program Files\Argus Surveillance DVR\DVRWatchdog.exe), it indicates the presence of the unquoted service path vulnerability.

Mitigation Strategies

To mitigate this vulnerability immediately, you should ensure that the service binary path is properly quoted to prevent execution of malicious executables placed in directories with matching prefixes.

Specifically, update the service configuration to enclose the executable path in double quotes, for example:

  • "C:\Program Files\Argus Surveillance DVR\DVRWatchdog.exe"

Additionally, restrict write permissions to the Program Files directory to prevent attackers from placing malicious executables there.

If possible, disable the 'Start as service on Windows Startup' option for the DVRWatchdog service until the path issue is fixed.

Compliance Impact

The provided information does not specify how the CVE-2021-47945 vulnerability affects compliance with common standards and regulations such as GDPR or HIPAA.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2021-47945. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart