Vulnerability Description
Atheros Coex Service Application 8.0.0.255 contains an unquoted service path vulnerability in its Windows service configuration. Attackers can exploit the unquoted path by placing malicious executables in the service path to gain elevated system privileges during service startup.
CVSS Score
HIGH
Related Weaknesses (CWE)
References
- https://www.boostbyreason.com/resource-file-9102-ath_coexagent-exe.aspx
- https://www.exploit-db.com/exploits/49053
- https://www.file.net/process/ath_coexagent.exe.html
- https://www.vulncheck.com/advisories/atheros-coex-service-application-zatheros-b
- https://www.exploit-db.com/exploits/49053
FAQ
What is CVE-2020-36979?
CVE-2020-36979 is a vulnerability with a CVSS score of 7.8 (HIGH). Atheros Coex Service Application 8.0.0.255 contains an unquoted service path vulnerability in its Windows service configuration. Attackers can exploit the unquoted path by placing malicious executable...
How severe is CVE-2020-36979?
CVE-2020-36979 has been rated HIGH with a CVSS base score of 7.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2020-36979?
Check the references section above for vendor advisories and patch information. Review vendor security bulletins for remediation guidance.