CVE-2021-47985
Deferred Deferred - Pending Action

Brother SAPSprint Unquoted Service Path Privilege Escalation

Vulnerability report for CVE-2021-47985, including description, CVSS score, EPSS score, affected products, exploitability, helpful resources, and attack-flow context.

Publication date: 2026-06-19

Last updated on: 2026-06-22

Assigner: VulnCheck

Description

Brother SAPSprint 7.60 contains an unquoted service path vulnerability in the SAPSprint service binary that allows local attackers to escalate privileges. Attackers can place a malicious executable in the Program Files directory path to be executed with LocalSystem privileges when the service starts automatically.

CVSS Scores

EPSS Scores

Probability:
Percentile:

Meta Information

Published
2026-06-19
Last Modified
2026-06-22
Generated
2026-07-10
AI Q&A
2026-06-19
EPSS Evaluated
2026-07-08
NVD
EUVD

Affected Vendors & Products

Showing 1 associated CPE
Vendor Product Version / Range
brother sapsprint 7.60

Helpful Resources

Exploitability

CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-428 The product uses a search path that contains an unquoted element, in which the element contains whitespace or other separators. This can cause the product to access resources in a parent path.

Attack-Flow Graph

AI Quick Actions

Instant insights powered by AI
Executive Summary

Brother SAPSprint version 7.60 contains an unquoted service path vulnerability in its SAPSprint service binary. This means the service's executable path includes spaces but is not enclosed in quotes, which can be exploited by local attackers.

Attackers can place a malicious executable in the Program Files directory path. Because the service runs automatically with LocalSystem privileges, the malicious executable will be run with those elevated privileges when the service starts.

This vulnerability allows local privilege escalation by exploiting the unquoted service path to execute arbitrary code with elevated rights.

Impact Analysis

This vulnerability can allow a local attacker to escalate their privileges on the affected system.

By placing a malicious executable in the Program Files directory, the attacker can have their code executed with LocalSystem privileges when the SAPSprint service starts automatically.

This elevated access can lead to full control over the system, potentially allowing the attacker to install malware, access sensitive data, or disrupt system operations.

Detection Guidance

This vulnerability can be detected by checking the service configuration for unquoted paths that contain spaces, specifically the SAPSprint service binary path.

You can use Windows commands such as WMIC and SC to query the SAPSprint service configuration and identify if the binary path is unquoted.

  • Use the command: wmic service where "name='SAPSprint'" get PathName
  • Use the command: sc qc SAPSprint

If the path returned contains spaces and is not enclosed in quotes, the service is vulnerable to this unquoted service path privilege escalation.

Mitigation Strategies

To mitigate this vulnerability, you should ensure that the service path for SAPSprint is properly quoted to prevent execution of malicious executables placed in the path.

Alternatively, you can restrict write permissions on the directories in the service path, especially the Program Files directory, to prevent attackers from placing malicious executables.

If possible, update or patch the SAPSprint software to a version where this vulnerability is fixed.

As a temporary measure, consider disabling the SAPSprint service if it is not essential.

Compliance Impact

The vulnerability allows local attackers to escalate privileges to LocalSystem level by exploiting an unquoted service path in the Brother SAPSprint service. This elevated access could potentially enable unauthorized access to sensitive data or system controls.

Such unauthorized privilege escalation may impact compliance with standards and regulations like GDPR and HIPAA, which require strict controls on access to personal and sensitive information. If exploited, this vulnerability could lead to data breaches or unauthorized data manipulation, thereby violating these compliance requirements.

Chat Assistant

Ask questions about this CVE
Hi! I’m here to help you understand CVE-2021-47985. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70

EPSS Chart