The vulnerability stems from how the Windows Service Control Manager (SCM) handles file paths containing spaces.
Standard user accounts should never have write access to root directories ( C:\ ) or subfolders within C:\Program Files and C:\Program Files (x86) . active webcam 115 unquoted service path patched
The final step requires triggering the service. If the low-privilege user has permission to restart the service, they can run: The vulnerability stems from how the Windows Service
Estimated CVSS 3.1 Base Score:
An unquoted service path vulnerability occurs when a service or application is installed with a path that is not properly quoted. This can lead to a vulnerability that allows an attacker to execute arbitrary code or elevate privileges on a system. In the case of Active Webcam 115, the vulnerability was discovered in the service path used by the application. If the low-privilege user has permission to restart