CVE-2021-47807
Published: 16 January 2026
Summary
CVE-2021-47807 is a high-severity Unquoted Search Path or Element (CWE-428) vulnerability in Flexense Sync Breeze. Its CVSS base score is 8.5 (High).
Operationally, exploitation aligns with the MITRE ATT&CK technique Path Interception by Unquoted Path (T1574.009); ranked at the 11.0th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog; a public proof-of-concept is referenced.
The strongest mitigations our analysis identified are NIST 800-53 CM-6 (Configuration Settings) and SI-2 (Flaw Remediation).
Deeper analysis
CVE-2021-47807 is an unquoted service path vulnerability in Sync Breeze version 13.6.18. The issue resides in the Windows service configuration, where service binaries located in 'Program Files' directories use unquoted paths, allowing potential arbitrary code execution. It is classified under CWE-428 and carries a CVSS v3.1 base score of 7.8 (AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H).
Local attackers can exploit this vulnerability by injecting malicious executables into paths that the service resolves due to the unquoted service path. With low-privilege access on the system, attackers can achieve privilege escalation upon service restart or execution.
Advisories, including VulnCheck's note on multiple unquoted service paths in Sync Breeze and the vendor site at https://www.syncbreeze.com/, provide further details on the issue. A proof-of-concept exploit is available at https://www.exploit-db.com/exploits/50023.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2026-3025
Vulnerability details
Sync Breeze 13.6.18 contains an unquoted service path vulnerability in its Windows service configuration that allows local attackers to potentially execute arbitrary code. Attackers can exploit the unquoted path in service binaries located in 'Program Files' directories to inject malicious…
more
executables and escalate privileges.
- CWE(s)
Related Threats
MITRE ATT&CK Enterprise TechniquesAI
Why these techniques?
Unquoted service path in Windows service directly enables path interception by unquoted path for local privilege escalation.
CVEs Like This One
Affected Assets
Mitigating Controls
Mitigating Controls (NIST 800-53 r5) AI
Requires establishment and implementation of secure configuration settings for services, directly preventing exploitation of unquoted service paths like in CVE-2021-47807.
Mandates identification, reporting, and timely correction of flaws such as the unquoted service path vulnerability in Sync Breeze.
Vulnerability scanning identifies configuration issues like unquoted service paths, enabling remediation before exploitation.