Cve-2021-27608 An Unquotes Service Path
Hi everyone,
If you got this vulnerability and you do not know what it is, no worry you are not alone. I was not aware of it when it came in 2021. Also, I did not know how to fix it when it started showing this year in some services.
This vulnerability back to 2021 regarding an SAP service. But also related to other services.
In my case, the issue way for the Teamviewer service
I checked the service from services and Registry Key, and both came unquoted.
RegKey path
Computer\HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\TeamViewer
Services
How to Solve it:
There are many ways to fix it I use two of them:
- Change the RegKey directly, going to the where is the service(s) and inserting the quotes. as shown below
2. Simple PowerShell Script will do it for you,
Set-ItemProperty -Path "HKLM:\System\CurrentControlSet\Services\TeamViewer" `
-Name ImagePath -Value "C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe"Of course, you can replace the service name in the PowerShell with your affected service in the first line and 2nd line in the (.exe).
Basically, that fixed the vulnerability.
Thanks for your reading.