Active Webcam 115 Unquoted Service | Path Patched

The vulnerability in Active Webcam 115 was discovered by a security researcher who reported it to the software vendor, Topbytes. The researcher found that the software's service installation process created a service with an unquoted path, which could be exploited by an attacker to gain elevated privileges on a system.

reg add "HKLM\SYSTEM\CurrentControlSet\Services\ActiveWebcamService" /v ImagePath /t REG_EXPAND_SZ /d "\"C:\Program Files (x86)\Active Webcam\SimvWebcam.exe\"" /f Use code with caution. 3. Verification of the Patch

In the context of , the service installed, often named something similar to Active Webcam Service or AWService , frequently installs to paths containing spaces (e.g., C:\Program Files\Active Webcam 115\ ).

Modify the value data to include quotation marks around the full path to the executable, leaving any trailing arguments outside of the quotes. active webcam 115 unquoted service path patched

Incorporate vulnerability scanners (like Nessus, OpenVAS, or internal PowerShell scripts) into monthly compliance routines to catch unquoted paths introduced by legacy software installations.

contains spaces but is not enclosed in double quotes. When Windows tries to start the service, it may attempt to execute files like C:\Program.exe C:\Program Files\Active.exe if they exist. National Institute of Standards and Technology (.gov) Reference Links for Your Report

The vulnerability was rated as critical, with a CVSS score of 9.0, indicating a high severity level. This meant that an attacker could potentially exploit the vulnerability to gain administrator-level access to a system, allowing them to execute arbitrary code, steal sensitive data, or take control of the system. The vulnerability in Active Webcam 115 was discovered

The configuration for all Windows services resides in the Registry. You can manually correct the Active Webcam path using the Registry Editor ( regedit ). Press Win + R , type regedit , and hit Enter.

Without quotes, Windows checks the following locations in order when trying to start the service:

Using tools like sc qc (Service Control) or inspecting the registry, a vulnerable installation would display: and hit Enter. Without quotes

: If it is still unquoted, you can manually edit the ImagePath value in the Windows Registry under HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\[ServiceName] .

Active Webcam is a popular software solution by Pysoft used for video surveillance and security camera management. In version 11.5 (and potentially earlier iterations), the software was discovered to contain a classic Windows configuration vulnerability known as an Unquoted Service Path .

To manually patch the path via the Command Prompt, execute the following command with administrative privileges: