top of page
perceptive_background_267k.jpg

IDT PC Audio 1.0.6499.0 contains an unquoted service path vulnerability that allows local users to potentially execute arbitrary code with elevated system priviā€¦

Published:

25 January 2026 at 23:00:00

Alert date:

26 January 2026 at 19:02:16

Source:

nvd.nist.gov

Click to open the original link from this advisory

Operating Systems

CVE-2020-36959 affects IDT PC Audio version 1.0.6499.0 with an unquoted service path vulnerability in the STacSV service. Local attackers can exploit this flaw to execute arbitrary code with elevated LocalSystem privileges during service startup. The vulnerability allows code injection through the unquoted service path, leading to privilege escalation. This is a local privilege escalation vulnerability that requires initial access to the system. The vulnerability affects PC audio driver software commonly found on Windows systems.

Technical details

Mitigation steps:

Affected products:

IDT PC Audio

Related links:

https://nvd.nist.gov/vuln/detail/CVE-2020-36959
https://www.exploit-db.com/exploits/49191
https://www.pconlife.com/download/otherfile/20566/90674cffc8658c4f2bf58d43bb9b7ccb/
https://www.vulncheck.com/advisories/idt-pc-audio-stacsv-unquoted-service-path

Related CVE's:

Related threat actors:

IOC's:

This article was created with the assistance of AI technology by Perceptive.

About us

© 2025 by Perceptive Security. All rights reserved.

email: info@perceptivesecurity.com

Disclaimer: Deze website toont informatie afkomstig van externe bronnen. Perceptive aanvaardt geen verantwoordelijkheid voor de inhoud, juistheid of volledigheid van deze informatie.

bottom of page