Description
VX Search 13.5.28 contains an unquoted service path vulnerability in both VX Search Server and VX Search Enterprise services that allows local attackers to escalate privileges. Attackers can place malicious executables in unquoted path directories like C:\Program Files\VX Search to execute arbitrary code with LocalSystem privileges when services restart.
Published: 2026-05-16
Score: 8.5 High
EPSS: n/a
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

VX Search 13.5.28 contains an unquoted service path vulnerability in both VX Search Server and VX Search Enterprise services. When the services are restarted, an attacker who can place a malicious executable in an unquoted directory such as C:\Program Files\VX Search can trigger that executable under the LocalSystem account. This allows the attacker to execute arbitrary code with the highest local privilege level.

Affected Systems

The vulnerability affects Vxsearch VX Search Server and VX Search Enterprise versions 13.5.28. These services run under the LocalSystem account on Windows machines where the installation path contains spaces and is not quoted.

Risk and Exploitability

The CVSS score of 8.5 indicates a high severity of local privilege escalation. The EPSS score is not available and the vulnerability is not listed in CISA KEV, suggesting no widespread exploitation has been reported. The attack vector is local; an attacker must already have access to the host and the ability to place files in the installation directory. Once the services restart, the attacker gains unrestricted local privileges.

Generated by OpenCVE AI on May 16, 2026 at 16:22 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade Vxsearch VX Search to a patched or newer version that quotes the service path.
  • If upgrading is not immediately possible, remove the space from the installation directory or modify the service definition to use a quoted path for the executable.
  • Restrict write permissions on the Vxsearch installation folder so that only trusted administrators can place or replace files, preventing malicious executables from being inserted by local users.

Generated by OpenCVE AI on May 16, 2026 at 16:22 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Sat, 16 May 2026 18:00:00 +0000

Type Values Removed Values Added
First Time appeared Vxsearch
Vxsearch vx Search
Vendors & Products Vxsearch
Vxsearch vx Search

Sat, 16 May 2026 15:45:00 +0000

Type Values Removed Values Added
Description VX Search 13.5.28 contains an unquoted service path vulnerability in both VX Search Server and VX Search Enterprise services that allows local attackers to escalate privileges. Attackers can place malicious executables in unquoted path directories like C:\Program Files\VX Search to execute arbitrary code with LocalSystem privileges when services restart.
Title VX Search 13.5.28 Unquoted Service Path Privilege Escalation
First Time appeared Webberzone
Webberzone better Search
Weaknesses CWE-428
CPEs cpe:2.3:a:webberzone:better_search:13.5.28:*:*:*:*:*:*:*
Vendors & Products Webberzone
Webberzone better Search
References
Metrics cvssV3_1

{'score': 7.8, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H'}

cvssV4_0

{'score': 8.5, 'vector': 'CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N'}

Subscriptions

Vxsearch Vx Search
Webberzone Better Search
cve-icon MITRE

Status: PUBLISHED

Assigner: VulnCheck

Published:

Updated: 2026-05-16T15:26:14.479Z

Reserved: 2026-05-16T14:34:10.093Z

Link: CVE-2021-47974

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Received

Published: 2026-05-16T16:16:22.843

Modified: 2026-05-16T16:16:22.843

Link: CVE-2021-47974

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-05-16T17:45:28Z

Weaknesses