Description
OKI sPSV Port Manager 1.0.41 contains an unquoted service path vulnerability in the sPSVOpLclSrv service that allows local attackers to escalate privileges by inserting executable files into the unquoted path. Attackers can place a malicious executable in a directory within the service path that will execute with LocalSystem privileges when the service restarts or the system reboots.
Published: 2026-05-16
Score: 8.5 High
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

OKI sPSV Port Manager 1.0.41 contains an unquoted service path vulnerability in the sPSVOpLclSrv service. The flaw allows a local attacker to place a malicious executable in a directory referenced in the unquoted path. When the service restarts or the system reboots, the injected executable runs with LocalSystem privileges, granting the attacker complete control over the affected host.

Affected Systems

The vulnerable product is OKI sPSV Port Manager version 1.0.41 from Oki. No additional affected versions are specified in the CNA data.

Risk and Exploitability

With a CVSS score of 8.5, this flaw is rated high severity. The EPSS score is currently not available, and the vulnerability is not listed in the CISA KEV catalog, suggesting it has not been widely exploited. The attack requires local access: any compromised or physically present user with the ability to write to a directory in the service path can exploit this vector to elevate privileges. Once the service is restarted, the malicious code executes as LocalSystem.

Generated by OpenCVE AI on May 16, 2026 at 16:31 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Update OKI sPSV Port Manager to a version that fixes the unquoted service path flaw.
  • If a patch is not yet available, stop and disable the sPSVOpLclSrv service to prevent the vulnerable executable from running until a fix can be applied.
  • Modify the service configuration to either place the executable in a directory without spaces or surround the path with quotes, and restrict write permissions on that directory to administrative users only.
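
To support the last recommendation, the following added example (not vendor or OpenCVE code) flags service image paths that are unquoted and contain a space, and prints the quoted form next to each finding. The service names and paths are constructed samples, the two function names are hypothetical, and the ".exe" match is a heuristic.

```powershell
# Added example: audit for CWE-428 (unquoted service path). Sample rows are constructed.

function Test-UnquotedServicePath {
    # True when the image path is unquoted and has a space before the .exe name.
    param([Parameter(Mandatory)][string]$PathName)
    $p = [Environment]::ExpandEnvironmentVariables($PathName.Trim())
    if ($p.StartsWith('"')) { return $false }   # already quoted
    # Heuristic: the executable ends at the first ".exe" followed by a space or end of string.
    $m = [regex]::Match($p, '^(.+?\.exe)(\s|$)', 'IgnoreCase')
    return ($m.Success -and $m.Groups[1].Value.Contains(' '))
}

function Get-QuotedServicePath {
    # Returns the corrected value: executable wrapped in quotes, arguments kept.
    param([Parameter(Mandatory)][string]$PathName)
    $p = $PathName.Trim()
    if ($p.StartsWith('"')) { return $p }
    $m = [regex]::Match($p, '^(.+?\.exe)(\s+.*)?$', 'IgnoreCase')
    if (-not $m.Success) { return $p }
    return '"' + $m.Groups[1].Value + '"' + $m.Groups[2].Value
}

# Constructed rows shaped like Win32_Service output. The real sPSVOpLclSrv
# path is not given in the advisory, so none is assumed here.
$services = @(
    [pscustomobject]@{ Name = 'ExampleSvcA'; StartName = 'LocalSystem'
                       PathName = 'C:\Program Files\Example Vendor\Example App\svc.exe -run' }
    [pscustomobject]@{ Name = 'ExampleSvcB'; StartName = 'LocalSystem'
                       PathName = '"C:\Program Files\Example Vendor\Example App\svc.exe" -run' }
    [pscustomobject]@{ Name = 'ExampleSvcC'; StartName = 'LocalSystem'
                       PathName = 'C:\Windows\System32\svchost.exe -k netsvcs' }
)
# On a live host, use this instead of the sample rows:
# $services = Get-CimInstance Win32_Service | Select-Object Name, StartName, PathName

$services |
    Where-Object { $_.PathName -and (Test-UnquotedServicePath $_.PathName) } |
    Select-Object Name, StartName, PathName,
        @{ Name = 'QuotedPath'; Expression = { Get-QuotedServicePath $_.PathName } } |
    Format-List
```

The quoted value belongs in the service's ImagePath under HKLM\SYSTEM\CurrentControlSet\Services\<ServiceName>. Write permissions on each parent directory of a flagged path can be reviewed with icacls.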

Advisories

No advisories yet.

History

Mon, 18 May 2026 13:30:00 +0000

Type | Values Removed | Values Added
Metrics | | ssvc {'options': {'Automatable': 'no', 'Exploitation': 'poc', 'Technical Impact': 'total'}, 'version': '2.0.3'}


Sun, 17 May 2026 18:00:00 +0000

Type | Values Removed | Values Added
First Time appeared | | Oki; Oki oki Spsv Port Manager
Vendors & Products | | Oki; Oki oki Spsv Port Manager

Sat, 16 May 2026 15:45:00 +0000

Type | Values Removed | Values Added
Description | | OKI sPSV Port Manager 1.0.41 contains an unquoted service path vulnerability in the sPSVOpLclSrv service that allows local attackers to escalate privileges by inserting executable files into the unquoted path. Attackers can place a malicious executable in a directory within the service path that will execute with LocalSystem privileges when the service restarts or the system reboots.
Title | | OKI sPSV Port Manager 1.0.41 Unquoted Service Path Privilege Escalation
Weaknesses | | CWE-428
References | |
Metrics | | cvssV3_1 {'score': 7.8, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H'}; cvssV4_0 {'score': 8.5, 'vector': 'CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N'}


MITRE

Status: PUBLISHED

Assigner: VulnCheck

Published:

Updated: 2026-05-18T12:46:33.146Z

Reserved: 2026-05-15T13:33:15.509Z

Link: CVE-2020-37229

Vulnrichment

Updated: 2026-05-18T12:46:29.937Z

NVD

Status: Awaiting Analysis

Published: 2026-05-16T16:16:18.803

Modified: 2026-05-18T20:16:05.873

Link: CVE-2020-37229

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-05-17T17:00:57Z

Weaknesses
  • CWE-428: Unquoted Search Path or Element