Home

Description

USB Flash Drives Control 4.1.0.0 contains an unquoted service path vulnerability in its service configuration that allows local attackers to potentially execute arbitrary code. Attackers can exploit the unquoted path in 'C:\Program Files\USB Flash Drives Control\usbcs.exe' to inject malicious executables and escalate privileges on Windows systems.

PUBLISHED Reserved 2025-12-16 | Published 2025-12-17 | Updated 2025-12-18 | Assigner VulnCheck




HIGH: 8.5CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
MEDIUM: 6.2CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Problem types

Unquoted Search Path or Element

Product status

4.1.0.0
affected

Credits

Jeffrey Bencteux finder

References

www.exploit-db.com/exploits/51508 (ExploitDB-51508) exploit

binisoft.org/ (Official Product Webpage) product

www.vulncheck.com/...uoted-service-path-privilege-escalation (VulnCheck Advisory: USB Flash Drives Control 4.1.0.0 Unquoted Service Path Privilege Escalation) third-party-advisory

cve.org (CVE-2023-53912)

nvd.nist.gov (CVE-2023-53912)

Download JSON

Data based on CVE®. Copyright © 1999-2025, The MITRE Corporation. All rights reserved.