← voltar
CVE-2023-53984

HotKey Clipboard 2.1.0.6 - Privilege Escalation Unquoted Service Path

CVSS 8.5 HIGHEPSS 0.2%CWE-428
Vexday Risk Score
21Baixo
Decisão SSVC (CISA)
Track
Sem sinal de exploração → monitorar
CVSS 8.5EPSS 0.2%KEV nãoPoC Nuclei Metasploit Patch
Ciclo de vida
13 jan 2026Publicada no NVD
Recomendação: Monitorar — sem sinal de exploração no momento.
Clevo HotKey Clipboard 2.1.0.6 contains an unquoted service path vulnerability in the HKClipSvc service that allows local non-privileged users to potentially execute code with system privileges. Attackers can exploit the misconfigured service path to inject and execute arbitrary code by placing malicious executables in specific file system locations.
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
Produtos afetados
clevo · HotKey Clipboard

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
https://web.archive.org/web/20200713203236/https://www.clevo.com.tw/index-en.asphttps://www.exploit-db.com/exploits/51206https://www.vulncheck.com/advisories/hotkey-clipboard-privilege-escalation-unquoted-service-path