CVE-2023-53984— HotKey Clipboard 2.1.0.6 - Privilege Escalation Unquoted Service Path

HotKey Clipboard 2.1.0.6 - Privilege Escalation Unquoted Service Path

Clevo HotKey Clipboard 2.1.0.6 contains an unquoted service path vulnerability in the HKClipSvc service that allows local non-privileged users to potentially execute code with system privileges. Attackers can exploit the misconfigured service path to inject and execute arbitrary code by placing malicious executables in specific file system locations.

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

未经引用的搜索路径或元素

Clevo HotKey Clipboard 代码问题漏洞

Clevo HotKey Clipboard是中国台湾蓝天电脑（Clevo）公司的一个剪切板增强工具。 Clevo HotKey Clipboard 2.1.0.6版本存在代码问题漏洞，该漏洞源于未加引号的服务路径，可能导致本地非特权用户以系统权限执行代码。

N/A

N/A