Cyber Resilience

CVE-2020-37102

High · Public PoC

Published: 03 February 2026

Modified: 15 April 2026
CVSS v4 Score: 8.5 (CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X)
EPSS Score: 0.0012 (2.1th percentile)
Risk Priority: 55 (floored blend · peak EPSS)

Summary

CVE-2020-37102 is a high-severity Unquoted Search Path or Element (CWE-428) vulnerability in Webcompanion (inferred from references). Its CVSS base score is 8.5 (High).

Operationally, exploitation aligns with the MITRE ATT&CK technique Path Interception by Unquoted Path (T1574.009). The CVE ranks at the 2.1th percentile by exploit likelihood (below the median) and is not currently listed in the CISA KEV catalog. A public proof-of-concept is referenced.

The strongest mitigations our analysis identified are NIST 800-53 CM-6 (Configuration Settings) and SI-2 (Flaw Remediation).

Deeper analysis

CVE-2020-37102 is an unquoted service path vulnerability in the WCAssistantService component of Adaware Web Companion version 4.9.2159. This issue, mapped to CWE-428, enables local attackers to potentially execute arbitrary code by exploiting the unquoted binary path in the service configuration. The vulnerability carries a CVSS v3.1 base score of 7.8 (AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H) and was published on 2026-02-03.

Local attackers with low privileges can exploit this vulnerability by placing a malicious executable in a directory that precedes the legitimate service binary in the system's search path. When the WCAssistantService starts, the system executes the attacker's binary instead, running it with LocalSystem privileges and potentially achieving high impacts on confidentiality, integrity, and availability.

Advisories, including one from VulnCheck at https://www.vulncheck.com/advisories/adaware-web-companion-wcassistantservice-unquoted-service-path, describe the unquoted path flaw in detail. A proof-of-concept exploit is publicly available on Exploit-DB at https://www.exploit-db.com/exploits/47852. Vendor pages at http://webcompanion.com/ and related links provide additional context but do not specify patches in the referenced materials.

Vulnerability details

Adaware Web Companion 4.9.2159 contains an unquoted service path vulnerability in the WCAssistantService that allows local attackers to potentially execute arbitrary code. Attackers can exploit the unquoted binary path to inject malicious executables that will be run with LocalSystem privileges during service startup.

Related Threats

MITRE ATT&CK Enterprise Techniques (AI)

T1574.009 Path Interception by Unquoted Path · Stealth
Adversaries may execute their own malicious payloads by hijacking vulnerable file path references.
Why these techniques?

Unquoted service path (CWE-428) in WCAssistantService directly enables path interception by placing a malicious binary earlier in the search path, executed with LocalSystem privileges on service start.

Confidence: HIGH · MITRE ATT&CK Enterprise v19.0

CVEs Like This One

CVE-2020-36928 · Shared CWE-428
CVE-2023-54336 · Shared CWE-428
CVE-2020-37048 · Shared CWE-428
CVE-2019-25306 · Shared CWE-428
CVE-2020-36979 · Shared CWE-428
CVE-2020-36929 · Shared CWE-428
CVE-2020-37017 · Shared CWE-428
CVE-2021-47859 · Shared CWE-428
CVE-2019-25309 · Shared CWE-428
CVE-2021-47790 · Shared CWE-428

Affected Assets

Webcompanion
inferred from references and description; NVD did not file a CPE for this CVE

Mitigating Controls

Mitigating Controls (NIST 800-53 r5) (AI)

Prevent: Establishes and enforces secure configuration settings for services, requiring quoted executable paths to directly prevent exploitation of unquoted service paths like in WCAssistantService.

Prevent: Mandates timely identification, reporting, and remediation of flaws such as the unquoted service path vulnerability in Adaware Web Companion.

Prevent: Enforces least privilege for high-privilege services like WCAssistantService running as LocalSystem, reducing the impact of arbitrary code execution via exploited unquoted paths.
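
The configuration check described above (service executable paths must be quoted) can be audited with a read-only PowerShell script. This is an added example, not code from the advisory or the vendor; the function names and sample paths are constructed for illustration, and it reports services whose unquoted executable path contains a space together with the quoted form the configuration should carry.

```powershell
# Added example: read-only audit for unquoted service paths (CWE-428).
# Function names and sample paths are constructed for illustration.

function Get-ServiceExePart {
    param([Parameter(Mandatory)][string]$PathName)
    # Executable portion = everything up to the first ".exe" that is followed
    # by whitespace or end of string; anything after it is arguments.
    $p = $PathName.Trim()
    if ($p -match '^(.+?\.exe)(\s.*)?$') {
        return [pscustomobject]@{ Exe = $Matches[1]; Rest = "$($Matches[2])" }
    }
    # No ".exe" found: treat the whole string as the executable portion.
    return [pscustomobject]@{ Exe = $p; Rest = '' }
}

function Test-UnquotedServicePath {
    param([Parameter(Mandatory)][string]$PathName)
    $p = $PathName.Trim()
    if ($p.StartsWith('"')) { return $false }   # quoted: parsed unambiguously
    # Unquoted and the executable portion contains a space: flag it.
    return (Get-ServiceExePart $p).Exe.Contains(' ')
}

function Get-QuotedServicePath {
    param([Parameter(Mandatory)][string]$PathName)
    # Corrected value: quote the executable portion, keep arguments as they are.
    $part = Get-ServiceExePart $PathName
    return '"{0}"{1}' -f $part.Exe, $part.Rest
}

# Constructed sample values (not taken from the affected product).
$samples = @(
    'C:\Program Files (x86)\Example Vendor\Example App\ExampleSvc.exe',
    '"C:\Program Files\Example Vendor\ExampleSvc.exe" --service',
    'C:\Windows\System32\svchost.exe -k netsvcs'
)
foreach ($s in $samples) {
    '{0,-5} {1}' -f (Test-UnquotedServicePath $s), $s
}

# Live audit of the local host: list flagged services with the account they
# run as and the quoted path that should replace the current value.
Get-CimInstance -ClassName Win32_Service |
    Where-Object { $_.PathName -and (Test-UnquotedServicePath $_.PathName) } |
    Select-Object Name, StartName, StartMode, PathName,
        @{ Name = 'QuotedPath'; Expression = { Get-QuotedServicePath $_.PathName } } |
    Format-List
```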
