Active Webcam 115 Unquoted Service Path Patched Access

: Local attackers with basic file-writing permissions can exploit this misconfiguration. How to Patch and Secure Your System

The attacker must possess write permissions to one of the parent folders (e.g., C:\ or C:\Program Files\ ). By default, modern Windows installations restrict standard users from writing to these directories, but misconfigured permissions or older OS environments often left these paths open.

Manually quote the path using the sc command (requires admin rights): active webcam 115 unquoted service path patched

CVE-2021-47790 CWE: CWE-428 (Unquoted Search Path or Element) CVSS 3.1 Base Score: 7.8 (High) CVSS 4.0 Base Score: 8.5 (High) Affected Software: Active WebCam version 11.5

The developer updated the installer logic to ensure proper string encapsulation. Modern installers use explicit quote escaping when writing to the Windows Registry. : Local attackers with basic file-writing permissions can

Despite being documented for over a decade (MSDN guidelines since Windows XP), many software vendors still make this mistake. Popular applications like antivirus tools, backup software, and even some Microsoft utilities have been vulnerable.

sc qc "Active Webcam Service"

provide further technical documentation on this and similar vulnerabilities. PowerShell script