Moole Vulnerability Database

Find real vulnerabilities before they ship

High

CVE-2021-47945

Argus Surveillance DVR 4.0 contains an unquoted service path vulnerability in the DVRWatchdog service that allows local attackers to escalate privileges by exploiting the service binary path. Attackers can place a malicious executable in the Program Files directory to be executed with LocalSystem privileges when the service starts.

VectorLOCAL

PublishedMay 10, 2026, 13:16

Published Bydisclosure@vulncheck.com

Base Score

Score7.8

Affected Versions

No affected versions found.

References

https://www.exploit-db.com/exploits/50261
https://www.vulncheck.com/advisories/argus-surveillance-dvr-unquoted-service-path-privilege-escalation

Weakness Type

CWE-428

CVSS Metrics

Base Score

8.5

Vector String

CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Base SeverityHigh

Version

4.0

Attack Vector (AV)

LOCAL