CVE-2016-20091 - Windows Firewall Control 4.8.6.0 Unquoted Service Path Privilege Escalation
CVE ID :CVE-2016-20091
Published : June 19, 2026, 2:16 p.m. | 1 hour, 22 minutes ago
Description :Windows Firewall Control 4.8.6.0 contains an unquoted service path vulnerability that allows local attackers to escalate privileges by inserting malicious executables in the service path. Attackers can place executable files in unquoted path directories that the wfcs.exe service will execute with LocalSystem privileges upon service restart or system reboot.
Severity: 8.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...
Published : June 19, 2026, 2:16 p.m. | 1 hour, 22 minutes ago
Description :Windows Firewall Control 4.8.6.0 contains an unquoted service path vulnerability that allows local attackers to escalate privileges by inserting malicious executables in the service path. Attackers can place executable files in unquoted path directories that the wfcs.exe service will execute with LocalSystem privileges upon service restart or system reboot.
Severity: 8.5 | HIGH
Visit the link for more details, such as CVSS details, affected products, timeline, and more...