Description
Spy Emergency build 23.0.205 contains an unquoted service path vulnerability in the SpyEmrgHealth and SpyEmrgSrv services that allows local attackers to escalate privileges by inserting malicious executables. Attackers can place executable files in the unquoted service path and trigger service restart or system reboot to execute code with LocalSystem privileges.
Published: 2026-04-04
Score: 8.5 High
EPSS: < 1% Very Low
KEV: No
Impact: Privilege Escalation
Action: Apply Patch
AI Analysis

Impact

An unquoted service path in the SpyEmrgHealth and SpyEmrgSrv services allows a local user to place a malicious executable in the folder referenced by the path and to trigger the service to restart or the system to reboot. When the service or system restarts, the executable runs with LocalSystem privileges, giving the attacker full control of the machine.

Affected Systems

The flaw is present in Spy Emergency build 23.0.205; no other builds are listed as affected. The services involved are SpyEmrgHealth and SpyEmrgSrv.

Risk and Exploitability

The CVSS base score of 8.5 indicates a severe vulnerability. The CVE is not listed in the KEV catalog, and an EPSS value is not available, but because the attack is local, any user with the ability to stop the service or reboot the machine can easily trigger the exploit. Once the planted executable runs, the attacker gains full system rights, compromising confidentiality, integrity, and availability.

Generated by OpenCVE AI on April 4, 2026 at 17:54 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Check the vendor’s site or contact support for a patch addressing the unquoted service path in build 23.0.205 and apply it immediately if available.
  • If a patch cannot be obtained, disable or uninstall the SpyEmrgHealth and SpyEmrgSrv services to eliminate the vulnerable execution path.
  • Alternatively, reconfigure the services so that their executable paths are enclosed in quotes, so that Windows does not treat a space inside the path as the end of the executable name.
  • After applying any fix, verify that the services restart correctly and that the executable path is properly quoted or that the services are no longer running.
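
The verification step in the last bullet, as an added PowerShell example (not OpenCVE's or the vendor's code): it flags a service ImagePath that is unquoted and contains a space, and returns the quoted form to configure instead. The function name `Test-ServiceImagePath` is hypothetical, and the install paths in the samples are constructed placeholders because the page does not give the real ones.

```powershell
# Added example: check service ImagePath values for CWE-428 (unquoted path with spaces).
function Test-ServiceImagePath {
    param(
        [Parameter(Mandatory)][string]$Name,
        [Parameter(Mandatory)][string]$ImagePath
    )
    $path      = $ImagePath.Trim()
    $unquoted  = $false
    $suggested = $path

    # A leading quote means the executable is already delimited unambiguously.
    if (-not $path.StartsWith('"')) {
        # Executable = shortest prefix ending in an executable extension;
        # whatever follows is the argument string.
        $m = [regex]::Match($path, '(?i)^(.+?\.(?:exe|com|bat|cmd))(?=\s|$)')
        if ($m.Success -and $m.Groups[1].Value.Contains(' ')) {
            $unquoted  = $true
            $exe       = $m.Groups[1].Value
            $suggested = '"{0}"{1}' -f $exe, $path.Substring($exe.Length)
        }
    }
    [pscustomobject]@{
        Name      = $Name
        Unquoted  = $unquoted
        ImagePath = $path
        Suggested = $suggested
    }
}

# Constructed sample values: the directory and file names are placeholders,
# not the product's real install path.
$samples = @(
    @{ Name = 'SpyEmrgHealth'; ImagePath = 'C:\Program Files\Example Vendor\health.exe' }
    @{ Name = 'SpyEmrgSrv';    ImagePath = 'C:\Program Files\Example Vendor\srv.exe -service' }
    @{ Name = 'QuotedSample';  ImagePath = '"C:\Program Files\Example Vendor\ok.exe" -service' }
    @{ Name = 'NoSpaceSample'; ImagePath = 'C:\Windows\System32\svchost.exe -k netsvcs' }
)
foreach ($s in $samples) { Test-ServiceImagePath @s }

# On a live host, feed the configured values instead of the samples:
# Get-CimInstance Win32_Service | Where-Object PathName |
#     ForEach-Object { Test-ServiceImagePath -Name $_.Name -ImagePath $_.PathName }
```

Only the first two samples come back with `Unquoted = True`. The `Suggested` value is what the service's `ImagePath` under `HKLM\SYSTEM\CurrentControlSet\Services\<name>` should hold after reconfiguration.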

Advisories

No advisories yet.

History

Tue, 07 Apr 2026 00:00:00 +0000

Type: First Time appeared
Values Removed: (none)
Values Added: Spy-emergency; Spy-emergency spy Emergency

Type: Vendors & Products
Values Removed: (none)
Values Added: Spy-emergency; Spy-emergency spy Emergency

Mon, 06 Apr 2026 20:00:00 +0000

Type: Metrics
Values Removed: (none)
Values Added: ssvc {'options': {'Automatable': 'no', 'Exploitation': 'poc', 'Technical Impact': 'total'}, 'version': '2.0.3'}

Sat, 04 Apr 2026 15:00:00 +0000

Type: Description
Values Removed: (none)
Values Added: Spy Emergency build 23.0.205 contains an unquoted service path vulnerability in the SpyEmrgHealth and SpyEmrgSrv services that allows local attackers to escalate privileges by inserting malicious executables. Attackers can place executable files in the unquoted service path and trigger service restart or system reboot to execute code with LocalSystem privileges.

Type: Title
Values Removed: (none)
Values Added: Spy Emergency build 23.0.205 Unquoted Service Path Privilege Escalation

Type: Weaknesses
Values Removed: (none)
Values Added: CWE-428

Type: References
Values Added:

Type: Metrics
Values Removed: (none)
Values Added:
cvssV3_1 {'score': 7.8, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H'}
cvssV4_0 {'score': 8.5, 'vector': 'CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N'}


MITRE

Status: PUBLISHED

Assigner: VulnCheck

Published:

Updated: 2026-04-06T18:02:54.460Z

Reserved: 2026-04-04T13:38:36.937Z

Link: CVE-2016-20056

Vulnrichment

Updated: 2026-04-06T17:59:59.610Z

NVD

Status: Deferred

Published: 2026-04-04T14:16:18.057

Modified: 2026-04-16T16:15:56.380

Link: CVE-2016-20056

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-04-06T21:57:55Z
