CVE-2020-36927 affects DiskPulse Enterprise version 13.6.14, containing an unquoted service path vulnerability in its Windows service configuration. The vulnerability exists in the path 'C:\Program Files\Disk Pulse Enterprise\bin\diskpls.exe' where the unquoted spaces allow local attackers to inject malicious executables. Successful exploitation enables arbitrary code execution and privilege escalation on the affected system. This is a local privilege escalation vulnerability that requires initial access to the system. The vulnerability demonstrates how improper service path configuration can lead to security compromises in Windows environments.