Description
Splinterware System Scheduler Pro 5.12 contains an insecure file permissions vulnerability that allows low-privilege users to escalate privileges by modifying service executable files. Attackers can rename the WService.exe file in the installation directory and replace it with a malicious executable that executes with LocalSystem privileges when the service is triggered.
Published: 2026-05-25
Score: 8.6 High
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

This vulnerability arises from insecure file permissions on the WService.exe executable in the installation directory of Splinterware System Scheduler Pro 5.12. A low‑privilege user can rename or replace this file with a malicious version; when the service later restarts it runs with LocalSystem privileges, effectively giving the attacker administrative access. The flaw is a classic example of improper privilege rights (CWE‑276).

Affected Systems

The vulnerability is specific to Splinterware System Scheduler Pro version 5.12. Users of this software, deployed on Windows environments where the WService.exe file resides in the installation folder, are impacted.

Risk and Exploitability

The CVSS base score of 8.6 indicates a high severity, and the EPSS is not available, but the potential for local privilege escalation is significant. Because no current exploit is publicly listed in KEV, there is no known mass exploitation. However, the attack vector is local and straightforward for any user with write permission to the installation directory, making it highly exploitable if the permission policy is misconfigured.

Generated by OpenCVE AI on May 25, 2026 at 15:28 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Apply any vendor‑issued patch or upgrade to a version where WService.exe permissions are correctly restricted
  • Configure file system ACLs to prevent non‑administrative users from modifying or replacing WService.exe and its directory
  • Disable or remove the vulnerable service if it is not required, or replace it with a secure alternative

Generated by OpenCVE AI on May 25, 2026 at 15:28 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Tue, 26 May 2026 14:30:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'poc', 'Technical Impact': 'total'}, 'version': '2.0.3'}

Tue, 26 May 2026 13:30:00 +0000

Type Values Removed Values Added
First Time appeared Splinterware
Splinterware splinterware System Scheduler Pro
Vendors & Products Splinterware
Splinterware splinterware System Scheduler Pro

Mon, 25 May 2026 14:30:00 +0000

Type Values Removed Values Added
Description Splinterware System Scheduler Pro 5.12 contains an insecure file permissions vulnerability that allows low-privilege users to escalate privileges by modifying service executable files. Attackers can rename the WService.exe file in the installation directory and replace it with a malicious executable that executes with LocalSystem privileges when the service is triggered.
Title Splinterware System Scheduler Pro 5.12 Privilege Escalation
Weaknesses CWE-276
References
Metrics cvssV3_1

{'score': 8.4, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H'}

cvssV4_0

{'score': 8.6, 'vector': 'CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N'}

Subscriptions

Splinterware Splinterware System Scheduler Pro
cve-icon MITRE

Status: PUBLISHED

Assigner: VulnCheck

Published:

Updated: 2026-05-26T13:19:38.461Z

Reserved: 2026-05-24T13:14:22.106Z

Link: CVE-2018-25359

cve-icon Vulnrichment

Updated: 2026-05-26T13:19:32.775Z

cve-icon NVD

Status : Deferred

Published: 2026-05-25T15:16:18.357

Modified: 2026-05-26T19:47:48.987

Link: CVE-2018-25359

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-05-26T13:00:45Z

Weaknesses
  • CWE-276

    Incorrect Default Permissions