CVE-2016-20060

Sažetak

Hotspot Shield 6.0.3 contains an unquoted service path vulnerability in the hshld service binary that allows local attackers to escalate privileges by injecting malicious executables. Attackers can place executable files in the service path and upon service restart or system reboot, the malicious code executes with LocalSystem privileges.

Reference

https://www.exploit-db.com/exploits/40528
https://www.hotspotshield.com
https://www.hotspotshield.com/download/
https://www.vulncheck.com/advisories/hotspot-shield-unquoted-service-path-privilege-escalation

CVSS

Base:	7.8
Impact:	5.9
Exploitability:	1.8

Pristup

Vektor	Složenost	Autentikacija
LOCAL	LOW	LOW

Impact

Povjerljivost	Cjelovitost	Dostupnost
HIGH	HIGH	HIGH

CVSS vektor

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Zadnje važnije ažuriranje

04-04-2026 - 14:16

Objavljeno

04-04-2026 - 14:16