CVE-2019-25308
📋 TL;DR
CVE-2019-25308 is an unquoted service path vulnerability in Mikogo's Windows service that allows attackers with local access to execute arbitrary code with SYSTEM privileges. This affects Mikogo 5.2.2.150317 installations on Windows systems. Attackers can exploit this by placing malicious executables in specific path locations that the service attempts to load.
💻 Affected Systems
- Mikogo
📦 What is this software?
Mikogo by Mikogo
⚠️ Risk & Real-World Impact
Worst Case
Full system compromise with LocalSystem privileges, allowing complete control over the affected Windows system, data theft, lateral movement, and persistence establishment.
Likely Case
Local privilege escalation from a lower-privileged user account to SYSTEM, enabling installation of malware, backdoors, or credential harvesting.
If Mitigated
Limited impact due to proper access controls preventing local attackers from writing to service path directories.
🎯 Exploit Status
Exploit requires local access to write files to specific directories. Public exploit code is available on Exploit-DB.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: Later versions of Mikogo (check vendor for specific fixed version)
Vendor Advisory: https://www.vulncheck.com/advisories/mikogo-mikogo-service-unquoted-service-path
Restart Required: Yes
Instructions:
1. Upgrade Mikogo to the latest version.
2. Verify the service path is properly quoted in the Windows service configuration.
3. Restart the Mikogo-Service.
🔧 Temporary Workarounds
Add quotes to service path
Windows: Manually edit the Windows service configuration to add quotes around the service executable path
sc config "Mikogo-Service" binPath= "\"C:\Program Files\Mikogo\Mikogo-Service.exe\""
Restrict directory permissions
Windows: Set strict ACLs on directories in the service path to prevent unauthorized file creation
icacls "C:\Program Files\Mikogo" /deny Users:(OI)(CI)W
🧯 If You Can't Patch
- Implement strict access controls to prevent unauthorized users from writing to directories in the service path
- Monitor for suspicious file creation in Mikogo installation directories and service path locations
🔍 How to Verify
Check if Vulnerable:
Check if Mikogo-Service path is unquoted: sc qc "Mikogo-Service" | findstr BINARY_PATH_NAME
Check Version:
Check Mikogo version in Control Panel > Programs and Features or via the application interface
Verify Fix Applied:
Verify the service path has quotes. The output of the following command should show a quoted path: sc qc "Mikogo-Service" | findstr BINARY_PATH_NAME
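The check above, generalized as an added PowerShell example (not part of the original advisory or any vendor tooling): it reports whether a service's binary path is unquoted and which files and folders should be audited as a result. The function name Test-UnquotedServicePath and the sample strings are assumptions constructed for illustration; the Mikogo path is the one shown in the workaround on this page.

```powershell
# Added example (not vendor or Exploit-DB code). Flags an unquoted service
# binary path and lists the locations a defender should audit for it.
function Test-UnquotedServicePath {
    param([Parameter(Mandatory)][string]$PathName)

    $raw = $PathName.Trim()
    # A leading quote means Windows parses the executable path unambiguously.
    if ($raw.StartsWith('"')) {
        return [pscustomobject]@{ PathName = $raw; AtRisk = $false; Audit = @() }
    }

    # Separate the executable from its arguments: shortest prefix ending in ".exe".
    # If nothing matches, the whole string is treated as the path (assumption).
    $m = [regex]::Match($raw, '^(.+?\.exe)(?=\s|$)', 'IgnoreCase')
    $exe = if ($m.Success) { $m.Groups[1].Value } else { $raw }

    # Each space in an unquoted path is a point where Windows may stop and try
    # "<prefix>.exe". Those files must not exist, and the folder that would
    # hold each one must not be writable by standard users.
    $audit = @()
    for ($i = 0; $i -lt $exe.Length; $i++) {
        if ($exe[$i] -eq ' ') {
            $candidate = $exe.Substring(0, $i) + '.exe'
            $folder = $candidate.Substring(0, $candidate.LastIndexOf('\') + 1)
            $audit += [pscustomobject]@{ MustNotExist = $candidate; ReviewAcl = $folder }
        }
    }
    [pscustomobject]@{ PathName = $raw; AtRisk = ($audit.Count -gt 0); Audit = $audit }
}

# Constructed sample values. The first is the unquoted form of the path used
# in the workaround on this page; the others show a quoted path and a path
# whose only space separates the executable from its arguments.
$samples = @(
    'C:\Program Files\Mikogo\Mikogo-Service.exe',
    '"C:\Program Files\Mikogo\Mikogo-Service.exe"',
    'C:\Windows\System32\svchost.exe -k netsvcs'
)
foreach ($s in $samples) {
    $r = Test-UnquotedServicePath -PathName $s
    '{0}  AtRisk={1}' -f $r.PathName, $r.AtRisk
    $r.Audit | Format-Table -AutoSize
}

# On a live host, pass the configured value instead of a sample:
#   $svc = Get-CimInstance Win32_Service -Filter "Name='Mikogo-Service'"
#   Test-UnquotedServicePath -PathName $svc.PathName
```

For each ReviewAcl folder it reports, run icacls on that folder and confirm that standard users have no write access.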
📡 Detection & Monitoring
Log Indicators:
- Windows Event Logs showing unexpected service restarts
- Security logs showing file creation in Mikogo directories by non-admin users
Network Indicators:
- Unusual outbound connections from Mikogo-Service process
SIEM Query:
EventID=4688 AND NewProcessName LIKE '%Mikogo-Service%' AND SubjectUserName NOT IN (admin_users)