top of page
perceptive_background_267k.jpg

SpyHunter 4 contains an unquoted service path vulnerability that allows local users to potentially execute arbitrary code with elevated system privileges. Attac…

Published:

31 January 2026 at 23:00:00

Alert date:

1 February 2026 at 16:03:01

Source:

nvd.nist.gov

Click to open the original link from this advisory

Security Tools, Operating Systems

CVE-2020-37055 is an unquoted service path vulnerability in SpyHunter 4 security software. The vulnerability allows local users to potentially execute arbitrary code with elevated system privileges. Attackers can exploit this by placing malicious executables in specific file system locations. The malicious code executes with elevated privileges during service startup. This is a local privilege escalation vulnerability that affects the SpyHunter 4 service configuration. The vulnerability requires local access to exploit but can lead to complete system compromise.

Technical details

Mitigation steps:

Affected products:

SpyHunter 4

Related links:

https://nvd.nist.gov/vuln/detail/CVE-2020-37055
https://www.enigmasoftware.com
https://www.exploit-db.com/exploits/48172
https://www.vulncheck.com/advisories/spyhunter-spyhunter-service-unquoted-service-path

Related CVE's:

Related threat actors:

IOC's:

This article was created with the assistance of AI technology by Perceptive.

About us

© 2025 by Perceptive Security. All rights reserved.

email: info@perceptivesecurity.com

Disclaimer: Deze website toont informatie afkomstig van externe bronnen. Perceptive aanvaardt geen verantwoordelijkheid voor de inhoud, juistheid of volledigheid van deze informatie.

bottom of page