Description
Network Inventory Advisor 5.0.26.0 installs the niaservice service with an unquoted binary path that allows local attackers to escalate privileges by placing malicious executables in intermediate directories. Attackers can exploit the unquoted path in the service configuration to execute arbitrary code with LocalSystem privileges when the service starts or restarts.
Published: 2026-06-19
Score: 8.5 High
EPSS: n/a
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

The vulnerability stems from the niaservice service being installed with an unquoted executable path. If a local attacker can place a malicious executable in any intermediate directory that appears in the service configuration, the service will launch that executable with LocalSystem privileges when it starts or restarts. This directly allows arbitrary code execution with administrative rights on the affected machine.

Affected Systems

Network Inventory Advisor version 5.0.26.0, specifically the niaservice service installed on Windows systems without a quoted binary path.

Risk and Exploitability

The CVSS score of 8.5 reflects a high severity local privilege escalation flaw. No EPSS score is available, and the vulnerability is not currently listed in the CISA KEV catalog. Attackers require local access or the ability to write to directories on the target system. If exploited, the attacker can gain full administrative control, install malware, and maintain persistence. The flaw is inherent to the service configuration and does not require additional authentication or special conditions beyond file write permissions in the path.

Generated by OpenCVE AI on June 19, 2026 at 21:02 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Update Network Inventory Advisor to a version that quotes the service executable path and removes the unquoted path issue.
  • If an update is not immediately available, reinstall the niaservice configuration and manually edit the service definition to enclose the executable path in quotation marks.
  • Restrict write permissions on all directories that appear in the service path so that only authorized administrators can place files there.

Generated by OpenCVE AI on June 19, 2026 at 21:02 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Fri, 19 Jun 2026 18:15:00 +0000

Type Values Removed Values Added
Description Network Inventory Advisor 5.0.26.0 installs the niaservice service with an unquoted binary path that allows local attackers to escalate privileges by placing malicious executables in intermediate directories. Attackers can exploit the unquoted path in the service configuration to execute arbitrary code with LocalSystem privileges when the service starts or restarts.
Title Network Inventory Advisor 5.0.26.0 Unquoted Service Path Privilege Escalation
Weaknesses CWE-428
References
Metrics cvssV3_1

{'score': 7.8, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H'}

cvssV4_0

{'score': 8.5, 'vector': 'CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N'}

Subscriptions

No data.

cve-icon MITRE

Status: PUBLISHED

Assigner: VulnCheck

Published:

Updated: 2026-06-19T14:16:48.638Z

Reserved: 2026-06-19T13:10:13.910Z

Link: CVE-2019-25747

cve-icon Vulnrichment

No data.

cve-icon NVD

No data.

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-06-19T21:15:16Z

Weaknesses
  • CWE-428

    Unquoted Search Path or Element