CVE-2016-20061

High CVSS: 8.5

sheed AntiVirus 2.3 contains an unquoted service path vulnerability in the ShavProt service that allows local attackers to escalate privileges by exploiting the service binary path. Attackers can insert a malicious executable in the unquoted path and trigger service restart or system reboot to execute code with LocalSystem privileges.

Vendor

Product

CWE

CWE-428

Yayın Tarihi

2026-04-04 14:16:18

Güncelleme

2026-04-07 13:20:55

Source Identifier

disclosure@vulncheck.com

KEV Date Added

Kategoriler

CWE-428 HIGH 2026

Referanslar

http://dl.sheedantivirus.ir/setup.exe http://sheedantivirus.ir/ https://www.exploit-db.com/exploits/40497 https://www.vulncheck.com/advisories/sheed-antivirus-unquoted-service-path-privilege-escalation