CVE-2020-37100

High CVSS: 8.5

Sync Breeze Enterprise 12.4.18 contains an unquoted service path vulnerability that allows local attackers to execute arbitrary code with elevated system privileges. Attackers can exploit the unquoted binary path by placing malicious executables in specific file system locations to hijack the service startup process.

Vendor

Flexense

Product

Syncbreeze

CWE

CWE-428

Yayın Tarihi

2026-02-03 15:16:10

Güncelleme

2026-02-20 16:38:24

Source Identifier

disclosure@vulncheck.com

KEV Date Added

Kategoriler

CWE-428 Syncbreeze HIGH Flexense 2026

Referanslar

http://www.syncbreeze.com https://www.exploit-db.com/exploits/48045 https://www.vulncheck.com/advisories/sync-breeze-enterprise-unquoted-service-path

Benzer Kayıtlar

High

CVE-2025-59895

Sync Breeze Enterprise Server v10.4.18 and Disk Pulse Enterprise v10.4.18 contain a remote denial-of-service (DoS) vulne…

Medium

CVE-2025-59896