Remediate Service Path Vulnerability Utility (V1.00L10 M02) Panasonic PC in which Windows 10, Windows 8.1, Windows 8 and Windows 7 are pre-installed

Category Application and Utility
Model

Panasonic PC in which OS in following "Operating System" column is pre-installed.

Operating System

Windows 10 Pro 64bit
Windows 8.1 Pro 64bit
Windows 8 Pro 64bit
Windows 7 32bit SP1
Windows 7 64bit SP1

Language MUI,English
Release Date 12/18/18
File Name RSrvPath_V1.00L10.exe 501,392 bytes
RSrvPath_V1.00L10_En.pdf 180,630 bytes
Index No 77770

File Description

Remediate unquoted service path vulnerabilities of Panasonic applications.

Information

■About this vulnerability

Some Windows services registered from Panasonic applications have unquoted Windows search path vulnerability that allow local users to gain privileges.

■The impact of this vulnerability

This vulnerability might allow applications to gain the service’s privileges in case the applications have the first part of the path containing the white space.

■About CVSS score

CVSS v3.0 : Base Score 8.4 HIGH (AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)
CVSS v2.0 : Base Score 4.6 MEDIUM (AV:L/AC:L/Au:N/C:P/I:P/A:P)

Notes

・ This application remediates service path vulnerability that is only Panasonic application.

・ This will not remediate service path vulnerabilities other than Panasonic applications.

・ Please read the operation procedure carefully, before using the utility.

Reason for Update

  • - Dec 18, 2018: We discussed with JVN. We follow their published information.

    Also updated the "Acknowledgments to researchers" (PDF).