Unquoted Service Path Vulnerability in Waves MaxxAudio on Dell Laptops

Unquoted Service Path Vulnerability in Waves MaxxAudio on Dell Laptops

CVE-2017-6005 · MEDIUM Severity

AV:L/AC:M/AU:N/C:C/I:C/A:C

Waves MaxxAudio, as installed on Dell laptops, adds a "WavesSysSvc" Windows service with File Version 1.1.6.0. This service has a vulnerability known as Unquoted Service Path. This could potentially allow an authorized but non-privileged local user to execute arbitrary code with elevated privileges on the system.

Learn more about our User Device Pen Test.