Description
Serviio PRO 1.8 contains an unquoted search path vulnerability in the Windows service that allows local users to execute arbitrary code with elevated privileges by placing malicious executables in the system root path. Additionally, improper directory permissions with full access for the Users group allow authenticated users to replace the executable file with arbitrary binaries, enabling privilege escalation during service startup or system reboot.
Published: 2026-03-15
Score: 8.5 High
EPSS: < 1% Very Low
KEV: No
Impact: Local Privilege Escalation
Action: Apply Patch
AI Analysis

Impact

Serviio PRO 1.8 contains an unquoted search path vulnerability in its Windows service that allows a local user to run arbitrary code with elevated privileges by placing malicious executables in a system root path. In addition, the installer sets the directory permissions for the Users group to full access, enabling authenticated users to overwrite the executable file with another binary. This weakness can be exploited to hijack the service startup or a system reboot, granting the attacker full control over the affected machine. The problem is categorized as CWE‑428, which warns about the risks of unquoted paths leading to unintended program execution.

Affected Systems

The vulnerability affects Serviio PRO version 1.8 running on Windows operating systems. Only this specific version is known to contain the unquoted path and directory permission issues. No other versions or non‑Windows platforms are mentioned.

Risk and Exploitability

The CVSS score of 8.5 indicates a high severity for the flaw, with a major impact on confidentiality and integrity when exploited. The EPSS score of less than 1% suggests that the likelihood of this vulnerability being weaponized in the wild is low, and it is not listed in the CISA KEV catalog. Based on the description, the attack vector is local; an attacker must have a local user account or otherwise be able to write to the system root directory to replace the executable. Once the malicious binary is in place, the service will load it with system privileges during startup or reboots, achieving privilege escalation.

Generated by OpenCVE AI on March 21, 2026 at 14:36 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade Serviio PRO to a version that fixes the unquoted path and directory permission flaws.
  • If an upgrade is not immediately possible, stop or disable the Serviio Windows service to prevent the vulnerability from being exercised.
  • Modify the permissions on the system root and the directories used by Serviio so that the Users group cannot write or replace executable files.
  • Enable logging for service startup events and monitor for unexpected executable execution in the System folder.

Generated by OpenCVE AI on March 21, 2026 at 14:36 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Mon, 16 Mar 2026 15:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'poc', 'Technical Impact': 'total'}, 'version': '2.0.3'}

Mon, 16 Mar 2026 10:15:00 +0000

Type Values Removed Values Added
First Time appeared Serviio
Serviio serviio Pro
Vendors & Products Serviio
Serviio serviio Pro

Sun, 15 Mar 2026 19:00:00 +0000

Type Values Removed Values Added
Description Serviio PRO 1.8 contains an unquoted search path vulnerability in the Windows service that allows local users to execute arbitrary code with elevated privileges by placing malicious executables in the system root path. Additionally, improper directory permissions with full access for the Users group allow authenticated users to replace the executable file with arbitrary binaries, enabling privilege escalation during service startup or system reboot.
Title Serviio PRO 1.8 Local Privilege Escalation via Unquoted Path
Weaknesses CWE-428
References
Metrics cvssV3_1

{'score': 7.8, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H'}

cvssV4_0

{'score': 8.5, 'vector': 'CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N'}

Subscriptions

Serviio Serviio Pro
cve-icon MITRE

Status: PUBLISHED

Assigner: VulnCheck

Published:

Updated: 2026-03-16T14:20:17.881Z

Reserved: 2026-03-15T17:44:18.599Z

Link: CVE-2017-20218

cve-icon Vulnrichment

Updated: 2026-03-16T14:17:15.398Z

cve-icon NVD

Status : Awaiting Analysis

Published: 2026-03-16T14:17:51.317

Modified: 2026-03-16T14:53:46.157

Link: CVE-2017-20218

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-03-23T14:01:21Z

Weaknesses