HIGH
Winstep
CVE published 2026-06-19
CVE-2020-37253
CVE-2020-37253 is a high-severity unquoted service path vulnerability in Winstep 18.06.0096. The Winstep Xtreme Service is affected, allowing local attackers to escalate privileges by placing malicious executables in the Program Files directory, which will be executed with LocalSystem privileges when the service starts. Defenders should prioritize patching or mitigating this vulnerability to prevent poten [truncated]