## https://sploitus.com/exploit?id=ECBAEA94-81E9-5A84-ABDE-D93E6F1A9CB8
# CVE-2024-27673
ASUS Control Center Express <= 01.06.15 - Unquoted Service Path
### Description:
ASUS Control Center Express version <= 01.06.15 contains an unquoted service path that allows attackers to escalate privileges to SYSTEM.
Assuming attackers have write access to `C:\`, they can abuse the ASUS service "Apro console service" (`apro_console.exe`), which upon restarting will invoke `C:\Program.exe` with SYSTEM privileges.
The binary path of the service alone isn't susceptible, but when the service starts, it executes `C:\program.exe` as SYSTEM.
### Impacted service(s)
- Service name: AProConsoleService
- Binary impacted: apro_console.exe
### program.exe
![Unquoted service path screenshot](https://raw.githubusercontent.com/Alaatk/CVE-2024-27673/main/unqouted-service-path.PNG)
### Risk
On a poorly configured system where a low-privileged user can write to the `C:\` directory, that user could use this flaw to elevate their privileges to SYSTEM.
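Windows `CreateProcess` resolves an unquoted command line containing spaces by trying each space-delimited prefix as the executable, which is why `C:\Program.exe` is the first path tried. The following added example (not part of the original advisory) lists those earlier candidates and the directories whose write permissions therefore need review. The sample command line is constructed, not the ASUS path, and treating the first `.exe` as the end of the image path is a heuristic.

```python
import ntpath

# Constructed sample command lines (hypothetical vendor path, not from the advisory).
SAMPLE = r"C:\Program Files (x86)\Example Vendor\agent.exe --service"
QUOTED = '"C:\\Program Files (x86)\\Example Vendor\\agent.exe" --service'


def split_image(command_line):
    """Return (image_path, was_quoted) for a Windows command line."""
    cmd = command_line.strip()
    if cmd.startswith('"'):
        end = cmd.find('"', 1)
        return (cmd[1:end] if end != -1 else cmd[1:]), True
    # Heuristic: the intended image ends at the first ".exe".
    idx = cmd.lower().find(".exe")
    return (cmd[:idx + 4] if idx != -1 else cmd), False


def earlier_candidates(command_line):
    """Paths tried before the intended image when the command line is unquoted."""
    image, quoted = split_image(command_line)
    if quoted:
        return []  # A quoted image path is resolved as a single name.
    parts = image.split(" ")
    candidates = []
    for i in range(1, len(parts)):
        prefix = " ".join(parts[:i])
        if not ntpath.splitext(prefix)[1]:
            prefix += ".exe"  # .exe is appended when the name has no extension
        candidates.append(prefix)
    return candidates


def dirs_to_review(command_line):
    """Directories that must not be writable by low-privileged users."""
    dirs = []
    for candidate in earlier_candidates(command_line):
        parent = ntpath.dirname(candidate)
        if parent not in dirs:
            dirs.append(parent)
    return dirs


if __name__ == "__main__":
    for line in (SAMPLE, QUOTED):
        print(line)
        print("  tried first:", earlier_candidates(line) or "none (quoted)")
        print("  review ACLs:", dirs_to_review(line) or "none")
```

Any file that already exists at one of the listed candidate paths on a host is worth investigating.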
#### Discovered by:
Alaa Kachouh