Vulnerability Description
Clevo HotKey Clipboard 2.1.0.6 contains an unquoted service path vulnerability in the HKClipSvc service that allows local non-privileged users to potentially execute code with system privileges. Attackers can exploit the misconfigured service path to inject and execute arbitrary code by placing malicious executables in specific file system locations.
CVSS Score
HIGH
Related Weaknesses (CWE)
References
- https://web.archive.org/web/20200713203236/https://www.clevo.com.tw/index-en.asp
- https://www.exploit-db.com/exploits/51206
- https://www.vulncheck.com/advisories/hotkey-clipboard-privilege-escalation-unquo
FAQ
What is CVE-2023-53984?
CVE-2023-53984 is a vulnerability with a CVSS score of 8.4 (HIGH). Clevo HotKey Clipboard 2.1.0.6 contains an unquoted service path vulnerability in the HKClipSvc service that allows local non-privileged users to potentially execute code with system privileges. Attac...
How severe is CVE-2023-53984?
CVE-2023-53984 has been rated HIGH with a CVSS base score of 8.4/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2023-53984?
Check the references section above for vendor advisories and patch information. Review vendor security bulletins for remediation guidance.