The Windows service configuration of ABP and AES contains an unquoted ImagePath registry value vulnerability. This allows a local attacker to execute arbitrary code by placing a malicious executable in a predictable location such as C:\Program.exe. If the service runs with elevated privileges, exploitation results in privilege escalation to SYSTEM level. This vulnerability arises from an unquoted service path affecting systems where the executable resides in a path containing spaces.
Affected products and versions include: ABP 2.0.7.6130 and earlier as well as AES 1.0.6.6133 and earlier.
Fixes

Solution

No solution given by the vendor.


Workaround

No workaround given by the vendor.

History

Wed, 23 Jul 2025 17:45:00 +0000

Type Values Removed Values Added
First Time appeared Asustor
Asustor abp
Asustor aes
Vendors & Products Asustor
Asustor abp
Asustor aes

Wed, 23 Jul 2025 14:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}


Wed, 23 Jul 2025 07:45:00 +0000

Type Values Removed Values Added
Description The Windows service configuration of ABP and AES contains an unquoted ImagePath registry value vulnerability. This allows a local attacker to execute arbitrary code by placing a malicious executable in a predictable location such as C:\Program.exe. If the service runs with elevated privileges, exploitation results in privilege escalation to SYSTEM level. This vulnerability arises from an unquoted service path affecting systems where the executable resides in a path containing spaces. Affected products and versions include: ABP 2.0.7.6130 and earlier as well as AES 1.0.6.6133 and earlier.
Title Windows service registered with an unquoted ImagePath vulnerability in the system registry
Weaknesses CWE-428
References
Metrics cvssV4_0

{'score': 9.2, 'vector': 'CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:L/SC:H/SI:N/SA:N'}


cve-icon MITRE

Status: PUBLISHED

Assigner: ASUSTOR1

Published:

Updated: 2025-07-23T14:10:47.430Z

Reserved: 2025-07-23T03:45:31.946Z

Link: CVE-2025-8070

cve-icon Vulnrichment

Updated: 2025-07-23T14:10:43.277Z

cve-icon NVD

Status : Awaiting Analysis

Published: 2025-07-23T08:15:26.683

Modified: 2025-07-25T15:29:44.523

Link: CVE-2025-8070

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2025-07-23T17:35:49Z