CNNVD-202602-998 Information

CNNVD ID

CNNVD-202602-998

Related CVE

CVE-2019-25304

• CNNVD Published: 2026-02-06

Description (Chinese)

ISS SecurOS Enterprise是美国ISS公司的一个视频管理平台。 ISS SecurOS Enterprise 10.2版本存在代码问题漏洞，该漏洞源于SecurosCtrlService存在未加引号的服务路径，可能导致本地用户以提升的权限执行代码。

Description (English)

ISS SecurOS Enterprise is a video management platform for ISIS. Iss SecurOS Enterprise 10.2 has a code gap, which stems from the service path of SecurosCtrlService with no quotes, which may lead to local users using enhanced permission to execute codes.

Hazard Level

Medium

Vulnerability Type

代码问题

Affected Vendor

ISS

Published

2026-02-06

Last Modified

2026-02-24

References

https://www.exploit-db.com/exploits/47556 https://www.issivs.com https://www.issivs.com/product-detail/secure-os-enterprise/ https://www.vulncheck.com/advisories/intelligent-security-system-securos-enterprise-securosctrlservice-unquoted-service-path