Unquoted Service Path Vulnerability in LogonExpert by Softros
CVE-2021-47890

8.5 HIGH

Key Information:

Vendor
CVE Published: 23 January 2026

Badges

👾 Exploit Exists
🟡 Public PoC

What is CVE-2021-47890?

LogonExpert 8.1 has an unquoted service path in its LogonExpertSvc service, which runs with LocalSystem privileges. Because the path to the service executable is not properly quoted, an attacker can place a malicious executable in an intermediate directory of that path. If this is exploited during service startup, it could result in elevated system access, which poses a significant security risk to affected systems. Organizations using LogonExpert are advised to review their configurations and apply necessary updates to mitigate this threat.
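A defender-side check for the condition described above, as an added example that is not part of the original advisory or the vendor's code: it flags unquoted `ImagePath` values that contain spaces and lists the directories whose write permissions should be audited. The service names and paths are constructed placeholders (the page does not give the real LogonExpertSvc path), and the helper names are hypothetical.

```python
import ntpath

# Constructed sample ImagePath values, as they would be read from
# HKLM\SYSTEM\CurrentControlSet\Services\<name>\ImagePath.
# Placeholder paths only; not the real LogonExpert install location.
SAMPLE_SERVICES = {
    "ExampleUnquotedSvc": r"C:\Program Files\Example Vendor\Example App\svc.exe -run",
    "ExampleQuotedSvc": r'"C:\Program Files\Example Vendor\Example App\svc.exe" -run',
    "ExampleNoSpaceSvc": r"C:\Windows\System32\svchost.exe -k netsvcs",
}

def executable_part(image_path):
    """Return the ImagePath up to and including the first '.exe'.
    Limitation: a value with no '.exe' is treated as all path, which over-reports."""
    idx = image_path.lower().find(".exe")
    return image_path if idx < 0 else image_path[: idx + 4]

def is_unquoted_with_spaces(image_path):
    """True when the executable path is not quoted and contains a space."""
    path = image_path.strip()
    if path.startswith('"'):
        return False
    return " " in executable_part(path)

def audit_locations(image_path):
    """For a flagged ImagePath, list (ambiguous name, directory to audit).
    Windows resolves an unquoted path by trying each space-delimited prefix
    with '.exe' appended, so each prefix's parent directory must not be
    writable by non-administrators."""
    if not is_unquoted_with_spaces(image_path):
        return []
    exe = executable_part(image_path.strip())
    results = []
    for i, ch in enumerate(exe):
        if ch == " ":
            candidate = exe[:i] + ".exe"
            results.append((candidate, ntpath.dirname(candidate)))
    return results

def findings(services):
    """Map each flagged service name to its audit locations."""
    return {name: audit_locations(p) for name, p in services.items()
            if is_unquoted_with_spaces(p)}

if __name__ == "__main__":
    for name, locations in findings(SAMPLE_SERVICES).items():
        print(f"{name}: unquoted ImagePath with spaces")
        for candidate, directory in locations:
            print(f"  audit write access on {directory} (ambiguous: {candidate})")
```

Quoting the full executable path in the service's `ImagePath` removes the ambiguity that this check reports.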

Affected Version(s)

LogonExpert 8.1

Exploit Proof of Concept (PoC)

PoC code is written by security researchers to demonstrate that the vulnerability can be exploited. PoC code is also a key component for weaponization, which could lead to ransomware.

CVSS V4

Score: 8.5
Severity: HIGH
Confidentiality: High
Integrity: High
Availability: High
Attack Vector: Local
Attack Complexity: Low
Attack Required: None
Privileges Required: Undefined
User Interaction: None

Timeline

  • 🟡 Public PoC available

  • 👾 Exploit known to exist

  • Vulnerability published

  • Vulnerability Reserved

Credit

Victor Mondragón