CVE-2016-20095
Received Received - Intake
Matrix42 Remote Control Host Unquoted Service Path Privilege Escalation

Publication date: 2026-06-19

Last updated on: 2026-06-19

Assigner: VulnCheck

Description
Matrix42 Remote Control Host 3.20.0031 contains an unquoted service path vulnerability in the FastViewerRemoteService and FastViewerRemoteProxy services that allows local users to execute arbitrary code with SYSTEM privileges. Attackers can place a malicious executable in the Program Files directory with a crafted name to be executed by the service during startup, gaining elevated privileges.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-06-19
Last Modified
2026-06-19
Generated
2026-06-19
AI Q&A
2026-06-19
EPSS Evaluated
N/A
NVD
CVE-2016-20095
EUVD
EUVD-2016-10908
Affected Vendors & Products
Showing 2 associated CPEs
Vendor Product Version / Range
matrix42 remote_control_host 3.20.0031
matrix42 remote_control_host to 3.20.0031 (exc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-428 The product uses a search path that contains an unquoted element, in which the element contains whitespace or other separators. This can cause the product to access resources in a parent path.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

CVE-2016-20095 is an unquoted service path vulnerability found in Matrix42 Remote Control Host version 3.20.0031, specifically in the FastViewerRemoteService and FastViewerRemoteProxy services.

Because the service paths are not enclosed in quotes, a local user with limited privileges can place a malicious executable with a crafted name in the Program Files directory. When the service starts or restarts, it may execute this malicious file with SYSTEM-level privileges, allowing the attacker to run arbitrary code with elevated rights.

Compliance Impact

The provided information does not specify how the unquoted service path vulnerability in Matrix42 Remote Control Host 3.20.0031 directly affects compliance with common standards and regulations such as GDPR or HIPAA.

Impact Analysis

This vulnerability allows a local attacker to escalate their privileges from a limited user to SYSTEM level, which is the highest privilege on a Windows system.

  • An attacker can execute arbitrary code with SYSTEM privileges.
  • They can place malicious executables in the Program Files directory that will be run by the vulnerable service.
  • This can lead to full system compromise, unauthorized access, and control over the affected machine.
Detection Guidance

This vulnerability can be detected by checking the service paths of the FastViewerRemoteService and FastViewerRemoteProxy services for unquoted paths in the Windows registry.

Specifically, you can inspect the ImagePath registry values under HKLM\SYSTEM\CurrentControlSet\services for these services to see if the paths are missing quotes.

A common command to check this on a Windows system using PowerShell is:

  • Get-ItemProperty -Path 'HKLM:\SYSTEM\CurrentControlSet\services\FastViewerRemoteService' -Name ImagePath
  • Get-ItemProperty -Path 'HKLM:\SYSTEM\CurrentControlSet\services\FastViewerRemoteProxy' -Name ImagePath

If the returned ImagePath values are not enclosed in quotes, the system is vulnerable.

Mitigation Strategies

To mitigate this vulnerability immediately, you should manually add quotes around the ImagePath registry values for the affected services.

This involves editing the registry keys at HKLM\SYSTEM\CurrentControlSet\services\FastViewerRemoteService and HKLM\SYSTEM\CurrentControlSet\services\FastViewerRemoteProxy to ensure the executable paths are enclosed in double quotes.

Additionally, restarting the affected services or the system after making these changes will ensure the fix is applied.

Avoid placing any executables with crafted names in the Program Files directory to prevent exploitation.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2016-20095. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart