Key Information Vulnerability Name: CodeMeter 6.60 - 'CodeMeter.exe' Unquoted Service Path EDB-ID: 48735 CVE: N/A Author: Luis Martínez Type: LOCAL Platform: WINDOWS Date: 2020-08-06 Affected Application: Not specified Vulnerability Details Vulnerability Type: Unquoted Service Path Tested Version: 6.60 Tested Operating System: Windows 10 Pro x64 Discoverer: Luis Martinez Discovery Date: 2020-08-05 Vendor Homepage: https://www.wibu.com/us/products/codemeter/runtime.html Steps to Discover Unquoted Service Path Service Information: - DISPLAY_NAME: CodeMeter Runtime Server - TAG: 0 - DEPENDENCIES: Tcpip, Winmgmt - SERVICE_START_NAME: LocalSystem Exploitation Method Successful exploitation requires: - A local user being able to insert code into the system root path, which is not detected by the operating system or other security applications. The code may execute when the application starts or restarts. - Upon successful execution, the local user's code will run with elevated privileges of the application.