Description
Argus Surveillance DVR 4.0 contains an unquoted service path vulnerability in the DVRWatchdog service that allows local attackers to escalate privileges by exploiting the service binary path. Attackers can place a malicious executable in the Program Files directory to be executed with LocalSystem privileges when the service starts.
Published: 2026-05-10
Score: 8.5 High
EPSS: n/a
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

A flaw in Argus Surveillance DVR 4.0’s DVRWatchdog service stems from an unquoted service path that allows a local attacker to place a malicious executable in the Program Files directory. When the service starts, Windows interprets the unquoted path as a command line and runs the attacker’s file with LocalSystem privileges, thereby granting full administrative control. This vulnerability is identified as a classic privilege‑escalation weakness (CWE‑428).

Affected Systems

Argus Surveillance DVR, version 4.0, is the only product listed as affected. No additional vendor or product versions are specified in the available data.

Risk and Exploitability

The CVSS score of 8.5 denotes high severity, but the exploit requires local access to the target machine since the attacker must write a file to a protected directory. The EPSS score is not available, and the vulnerability is not listed in the CISA KEV catalog, reducing evidence of widespread exploitation. Nonetheless, once an attacker has local access, this flaw gives them the ability to run code with the highest privileges on the system.

Generated by OpenCVE AI on May 10, 2026 at 14:53 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Apply the latest firmware or patch from Argus that corrects the unquoted service path or removes the DVRWatchdog service.
  • If no vendor update is available, reconfigure the DVRWatchdog service to run under a restricted account or disable it entirely to eliminate the privileged execution path.
  • Change the file‑system permissions on the Program Files (or service binary) directory so that only administrators can write to it, preventing non‑admin users from dropping a malicious executable.

Generated by OpenCVE AI on May 10, 2026 at 14:53 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Sun, 10 May 2026 13:00:00 +0000

Type Values Removed Values Added
Description Argus Surveillance DVR 4.0 contains an unquoted service path vulnerability in the DVRWatchdog service that allows local attackers to escalate privileges by exploiting the service binary path. Attackers can place a malicious executable in the Program Files directory to be executed with LocalSystem privileges when the service starts.
Title Argus Surveillance DVR 4.0 Unquoted Service Path Privilege Escalation
Weaknesses CWE-428
References
Metrics cvssV3_1

{'score': 7.8, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H'}

cvssV4_0

{'score': 8.5, 'vector': 'CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N'}

Subscriptions

No data.

cve-icon MITRE

Status: PUBLISHED

Assigner: VulnCheck

Published:

Updated: 2026-05-10T12:44:01.118Z

Reserved: 2026-02-01T11:24:18.718Z

Link: CVE-2021-47945

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Received

Published: 2026-05-10T13:16:30.897

Modified: 2026-05-10T13:16:30.897

Link: CVE-2021-47945

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-05-10T15:00:11Z

Weaknesses