Description
Realtek High Definition Audio Driver 6.0.1.6730 contains an unquoted service path vulnerability that allows local attackers to escalate privileges by placing a malicious executable in the service path. Attackers can insert an executable file in the unquoted path and restart the service to execute code with LocalSystem privileges.
Problem types
Unquoted Search Path or Element
Product status
Credits
Joey Lane
References
www.exploit-db.com/exploits/40587 (ExploitDB-40587)
www.vulncheck.com/...ition-audio-driver-privilege-escalation (VulnCheck Advisory: Realtek High Definition Audio Driver 6.0.1.6730 Privilege Escalation)