CVE-2022-50915
Published: 13 January 2026
Summary
CVE-2022-50915 is a high-severity Unquoted Search Path or Element (CWE-428) vulnerability in Primera PTPublisher. Its CVSS base score is 8.5 (High).
Operationally, exploitation aligns with the MITRE ATT&CK technique Path Interception by Unquoted Path (T1574.009). The CVE ranks at the 9.0th percentile by exploit likelihood (below the median) and is not currently listed in the CISA KEV catalog. A public proof-of-concept is referenced.
The strongest mitigations our analysis identified are NIST 800-53 CM-6 (Configuration Settings) and SI-2 (Flaw Remediation).
Deeper analysis
CVE-2022-50915 is an unquoted service path vulnerability in PTPublisher 2.3.4, affecting the PTProtect service. The issue arises from the unquoted service path 'C:\Program Files (x86)\Primera Technology\PTPublisher\UsbFlashDongleService.exe', which enables local attackers to potentially execute arbitrary code with elevated privileges. Published on 2026-01-13, it carries a CVSS v3.1 base score of 7.8 (AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H) and maps to CWE-428.
Local low-privileged attackers (PR:L) can exploit this vulnerability by placing a malicious executable in a directory that Windows service path resolution checks before the legitimate binary, which is possible because the unquoted path contains spaces. Successful exploitation allows arbitrary code execution with SYSTEM-level privileges, resulting in high confidentiality, integrity, and availability impacts, including full system-level access.
Further details on mitigation are available in the advisories at Exploit-DB (exploit 50885), the vendor site at primera.com, and VulnCheck's advisory on the PTPublisher unquoted service path. Security practitioners should review these references for patching guidance and remediation steps.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2026-2621
Vulnerability details
PTPublisher 2.3.4 contains an unquoted service path vulnerability in the PTProtect service that allows local attackers to potentially execute arbitrary code with elevated privileges. Attackers can exploit the unquoted path in 'C:\Program Files (x86)\Primera Technology\PTPublisher\UsbFlashDongleService.exe' to inject malicious executables and gain system-level access.
Related Threats
MITRE ATT&CK Enterprise Techniques
Why these techniques?
Unquoted service path directly enables path interception for privilege escalation to SYSTEM.
Mitigating Controls
Mitigating Controls (NIST 800-53 r5)
Flaw remediation directly patches the unquoted service path vulnerability in PTProtect, preventing local low-privileged attackers from executing arbitrary code with SYSTEM privileges.
Baseline configuration settings enforce quoted service paths in the registry and secure directory permissions, blocking exploitation of the unquoted path in PTPublisher's UsbFlashDongleService.exe.
Least privilege for the PTProtect service account reduces the impact of privilege escalation achieved via the unquoted service path vulnerability.
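The baseline check for quoted service paths described above can be automated. The following is an added example, not code from the vendor or from any referenced advisory: it takes service ImagePath values, flags those that are unquoted and contain a space in the executable path, and produces the quoted value to set. The function names are hypothetical, and apart from the PTProtect path quoted in this advisory the sample entries are constructed.

```python
import re

# Executable path = shortest prefix ending in a known image extension that is
# followed by whitespace or end of string; the remainder is the argument string.
_IMAGE = re.compile(r"^(.*?\.(?:exe|com|bat|cmd|sys|dll))(?=\s|$)(.*)$", re.IGNORECASE)


def audit_image_path(image_path):
    """Return (flagged, corrected_value) for one service ImagePath string."""
    value = image_path.strip()
    if value.startswith('"'):
        return False, value          # already quoted: nothing to fix
    m = _IMAGE.match(value)
    if not m:
        return False, value          # no recognisable image name: manual review
    exe, args = m.group(1), m.group(2)
    if " " not in exe:
        return False, value          # no space in the executable path
    return True, f'"{exe}"{args}'    # quote only the executable, keep arguments


def audit_services(services):
    """services maps service name -> ImagePath; returns {name: corrected value}."""
    findings = {}
    for name, path in services.items():
        flagged, fixed = audit_image_path(path)
        if flagged:
            findings[name] = fixed
    return findings


# Constructed sample data. The PTProtect path is the one quoted in this advisory;
# the other three entries are made up to exercise the non-flagged and argument cases.
SAMPLE = {
    "PTProtect": r"C:\Program Files (x86)\Primera Technology\PTPublisher\UsbFlashDongleService.exe",
    "QuotedSvc": r'"C:\Program Files\Example\svc.exe" --run',
    "NoSpaceSvc": r"C:\Windows\System32\svchost.exe -k netsvcs -p",
    "ArgsSvc": r"C:\Program Files\Example App\agent.exe /service /id 7",
}

if __name__ == "__main__":
    for name, fixed in audit_services(SAMPLE).items():
        print(f"{name}: unquoted path with spaces; set ImagePath to {fixed}")
```

On a real host the input mapping would be built from the ImagePath values under HKLM\SYSTEM\CurrentControlSet\Services, and any flagged service should also have the permissions on its parent directories reviewed.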