Impact
Wise Care 365 version 4.27 and Wise Disk Cleaner version 9.29 ship with unquoted service path vulnerabilities in the WiseBootAssistant and SpyHunter 4 Service. The lack of quotation marks around the executable path allows a local user to place a malicious file in a system directory that is referenced during service startup or system reboot, causing that file to execute with SYSTEM privileges. This flaw permits arbitrary code execution with the highest local privileges, enabling an attacker to modify system configurations, install malware, or compromise the entire machine. The weakness is categorized as CWE-428, an unquoted service path flaw. Based solely on the official description, no remote exploitation vector is described, and the impact is limited to local users who can place files in the target path.
Affected Systems
The vulnerability affects Wise Care 365 version 4.27 and Wise Disk Cleaner version 9.29. The products are distributed by the vendor Wise, and the flaws reside in the WiseBootAssistant and SpyHunter 4 Service components. Only these specific versions are listed as impacted; no other editions or later releases are mentioned.
Risk and Exploitability
The CVSS score of 8.5 indicates a high severity for privilege escalation. Since the EPSS score is not available, we cannot quantify the current likelihood of exploitation, but the lack of a KEV listing suggests no widespread, known exploitation has been observed. The attack vector is local, requiring a user account that can write to the system root or related directories. An attacker can trigger the flaw by creating a malicious executable with the same name as the unquoted service path and placing it in the root path, which will be executed with SYSTEM rights when the service restarts or during a reboot.
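To check a host for this class of misconfiguration, the following PowerShell audit flags service command lines whose executable path contains spaces but is not quoted, and prints the quoted form. It is an added example, not code from the vendor or from the advisory; the function name, service names and paths in the sample data are hypothetical and constructed for illustration.

```powershell
# Added example: detect unquoted service paths (CWE-428) and propose the quoted value.
function Test-UnquotedServicePath {
    param([string]$PathName)

    if ([string]::IsNullOrWhiteSpace($PathName)) { return $null }
    $cmd = $PathName.Trim()

    # A leading quote delimits the executable path, so Windows does not have to guess.
    if ($cmd.StartsWith('"')) { return $null }

    # Treat everything up to the first ".exe" as the intended executable path.
    if ($cmd -notmatch '^(?<exe>.+?\.exe)(?<rest>\s.*)?$') { return $null }
    $exe  = $Matches['exe']
    $rest = [string]$Matches['rest']

    # Without a space in the executable path there is nothing ambiguous to resolve.
    if ($exe -notmatch '\s') { return $null }

    [pscustomobject]@{
        Executable = $exe
        Quoted     = '"{0}"{1}' -f $exe, $rest
    }
}

# Constructed sample data (hypothetical services, not the affected products' real paths).
$samples = @(
    [pscustomobject]@{ Name = 'ExampleBootSvc'; PathName = 'C:\Program Files (x86)\Example Vendor\Example App\BootSvc.exe' }
    [pscustomobject]@{ Name = 'ExampleArgsSvc'; PathName = 'C:\Program Files\Example Vendor\Agent.exe -service' }
    [pscustomobject]@{ Name = 'ExampleSafeSvc'; PathName = '"C:\Program Files\Example Vendor\Safe.exe" -service' }
    [pscustomobject]@{ Name = 'ExampleSysSvc';  PathName = 'C:\Windows\System32\svchost.exe -k netsvcs' }
)

# On a live host, replace $samples with:
#   Get-CimInstance Win32_Service | Select-Object Name, PathName
foreach ($svc in $samples) {
    $hit = Test-UnquotedServicePath -PathName $svc.PathName
    if ($hit) {
        [pscustomobject]@{
            Service = $svc.Name
            Current = $svc.PathName
            Quoted  = $hit.Quoted
        }
    }
}
```

Only the first two sample entries are reported. A flagged service is exposed only where a non-administrative user can write to a directory along the unquoted path, so review those directory ACLs alongside quoting the service's ImagePath value.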
OpenCVE Enrichment