CVE-2023-53946
Published: 19 December 2025
Summary
CVE-2023-53946 is a high-severity Unquoted Search Path or Element (CWE-428) vulnerability in Arcsoft PhotoStudio (inferred from references). Its CVSS base score is 8.5 (High).
Operationally, ranked at the 3.2th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog; a public proof-of-concept is referenced.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2025-204607
Vulnerability details
Arcsoft PhotoStudio 6.0.0.172 contains an unquoted service path vulnerability in the ArcSoft Exchange Service that allows local attackers to escalate privileges. Attackers can place a malicious executable in the unquoted path and trigger the service to execute arbitrary code with…
more
system-level permissions.
- CWE(s)
Related Threats
No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.
Affected Assets
Mitigating Controls
No mitigating controls mapped yet. The per-CVE control annotator has not reached this CVE.