Description
OKI sPSV Port Manager 1.0.41 contains an unquoted service path vulnerability in the sPSVOpLclSrv service that allows local attackers to escalate privileges by inserting executable files into the unquoted path. Attackers can place a malicious executable in a directory within the service path that will execute with LocalSystem privileges when the service restarts or the system reboots.
Published: 2026-05-16
Score: 8.5 High
EPSS: n/a
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

OKI sPSV Port Manager 1.0.41 contains an unquoted service path vulnerability in the sPSVOpLclSrv service. The flaw allows a local attacker to place a malicious executable in a directory referenced in the unquoted path. When the service restarts or the system reboots, the injected executable runs with LocalSystem privileges, granting the attacker complete control over the affected host.

Affected Systems

The vulnerable product is OKI sPSV Port Manager version 1.0.41 from Oki. No additional affected versions are specified in the CNA data.

Risk and Exploitability

With a CVSS score of 8.5, this flaw is considered high severity. The EPSS score is currently not available, and the vulnerability is not listed in the CISA KEV catalog, suggesting it has not been widely exploited. The attack requires local access: any user on the host, whether through a compromised account or physical access, who is able to write to a directory in the service path can use it to elevate privileges. Once the service is restarted, the malicious code executes as LocalSystem.

Generated by OpenCVE AI on May 16, 2026 at 16:31 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Update OKI sPSV Port Manager to a version that fixes the unquoted service path flaw.
  • If a patch is not yet available, stop and disable the sPSVOpLclSrv service to prevent the vulnerable executable from running until a fix can be applied.
  • Modify the service configuration to either place the executable in a directory without spaces or surround the path with quotes, and restrict write permissions on that directory to administrative users only.
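
The third action above can be checked host-wide before and after the change. The following PowerShell audit is an added example, not OpenCVE or vendor code: it flags services whose PathName is unquoted and contains a space, lists the folders whose write permissions need review, and prints the quoted value to configure. The helper name `Get-UnquotedPathRisk` and the sample path are assumptions; the advisory does not give the real install path of sPSVOpLclSrv.

```powershell
# Added example. Get-UnquotedPathRisk is a hypothetical helper name.
function Get-UnquotedPathRisk {
    param([Parameter(Mandatory)][string]$PathName)

    $p = $PathName.Trim()
    if ($p.StartsWith('"')) { return }                 # already quoted
    # Executable part: shortest prefix ending in ".exe" followed by a space or end of string
    $m = [regex]::Match($p, '^(.+?\.exe)(?=\s|$)', 'IgnoreCase')
    if (-not $m.Success) { return }
    $exe = $m.Groups[1].Value
    if ($exe -notmatch ' ') { return }                 # no space, so no ambiguity

    # Each space ends a prefix that Windows may try as a program name first;
    # the folder holding that prefix is one whose ACL must deny non-admin writes.
    $dirs = for ($i = 0; $i -lt $exe.Length; $i++) {
        if ($exe[$i] -eq ' ') { [System.IO.Path]::GetDirectoryName($exe.Substring(0, $i)) }
    }
    [pscustomobject]@{
        Executable      = $exe
        FoldersToReview = @($dirs | Where-Object { $_ } | Select-Object -Unique)
        QuotedPathName  = '"' + $exe + '"' + $p.Substring($exe.Length)
    }
}

# Constructed sample, not the real sPSVOpLclSrv path (the advisory does not state it).
Get-UnquotedPathRisk 'C:\Program Files\Example Vendor\svc.exe -run' | Format-List

# Audit every service on the local Windows host.
Get-CimInstance Win32_Service | Where-Object PathName | ForEach-Object {
    $risk = Get-UnquotedPathRisk $_.PathName
    if ($risk) {
        [pscustomobject]@{
            Service         = $_.Name
            RunsAs          = $_.StartName
            StartMode       = $_.StartMode
            PathName        = $_.PathName
            FoldersToReview = $risk.FoldersToReview -join '; '
            QuotedPathName  = $risk.QuotedPathName
        }
    }
} | Format-List
```

A host running the affected version should list sPSVOpLclSrv in the output until its path is quoted; review the ACL on each folder in `FoldersToReview` with `Get-Acl` before relying on quoting alone.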

Advisories

No advisories yet.

History

Sat, 16 May 2026 15:45:00 +0000

Type Values Removed Values Added
Description OKI sPSV Port Manager 1.0.41 contains an unquoted service path vulnerability in the sPSVOpLclSrv service that allows local attackers to escalate privileges by inserting executable files into the unquoted path. Attackers can place a malicious executable in a directory within the service path that will execute with LocalSystem privileges when the service restarts or the system reboots.
Title OKI sPSV Port Manager 1.0.41 Unquoted Service Path Privilege Escalation
Weaknesses CWE-428
References
Metrics cvssV3_1: {'score': 7.8, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H'}; cvssV4_0: {'score': 8.5, 'vector': 'CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N'}


MITRE

Status: PUBLISHED

Assigner: VulnCheck

Published:

Updated: 2026-05-16T15:25:47.184Z

Reserved: 2026-05-15T13:33:15.509Z

Link: CVE-2020-37229

Vulnrichment

No data.

NVD

Status: Received

Published: 2026-05-16T16:16:18.803

Modified: 2026-05-16T16:16:18.803

Link: CVE-2020-37229

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-05-16T16:45:27Z

Weaknesses