Unquoted Search Path Vulnerability in Panasonic PC Applications
CVE-2018-16183

7.8HIGH

Key Information:

Vendor

Panasonic Corporation

Status
Some Pre-installed Applications On Panasonic Pc
Vendor
CVE Published:
9 January 2019

What is CVE-2018-16183?

An unquoted search path vulnerability exists in certain pre-installed applications on Panasonic PCs running various versions of Windows. This vulnerability may allow local users to gain elevated privileges and execute arbitrary code by leveraging a Trojan horse executable file. The issue arises from improperly formatted file paths that do not account for spaces, potentially enabling attackers to execute malicious applications in a less restrictive context. Proper remediation involves addressing the vulnerability in the affected applications to enhance security measures.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Some pre-installed applications on Panasonic PC run on Windows 7 (32bit), Windows 7 (64bit), Windows 8 (64bit), Windows 8.1 (64bit), Windows 10 (64bit) delivered in or later than October 2009

References

https://jvn.jp/en/jp/JVN36895151/index.html
third-party-advisoryx_refsource_JVN
https://pc-dl.panasonic.co.jp/dl/docs/077770
x_refsource_MISC

CVSS V3.1

Score:
7.8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.