Security Advisory
CVE-2020-37021
CVE vulnerability detail — eXtreme Datacenter Security Operations
Description
10-Strike Bandwidth Monitor 3.9 contains an unquoted service path vulnerability in multiple services that allows local attackers to escalate privileges. Attackers can place a malicious executable in specific file path locations to achieve privilege escalation to SYSTEM during service startup.