CVE-2021-47773
📋 TL;DR
CVE-2021-47773 is an unquoted service path vulnerability in Dynojet Power Core 2.3.0 that allows local authenticated users to execute arbitrary code with elevated SYSTEM privileges. Attackers can place malicious executables in the service's file path to gain Local System access. This affects systems running the vulnerable version of Dynojet Power Core.
💻 Affected Systems
- Dynojet Power Core
📦 What is this software?
Power Core by Dynojet
⚠️ Risk & Real-World Impact
Worst Case
Full system compromise with SYSTEM privileges, allowing complete control over the affected system, data theft, and lateral movement within the network.
Likely Case
Local privilege escalation leading to persistence, credential harvesting, and installation of additional malware on the compromised system.
If Mitigated
Limited impact with proper access controls and monitoring, potentially only allowing execution of low-privilege code.
🎯 Exploit Status
Exploit code is publicly available on Exploit-DB. Requires local authenticated access and ability to write to the service path.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: Unknown
Vendor Advisory: https://www.dynojet.com/
Restart Required: Yes
Instructions:
1. Check Dynojet website for updated version
2. Uninstall vulnerable version
3. Install patched version if available
4. Restart system
🔧 Temporary Workarounds
Quote Service Path
Modify the service configuration to use quoted paths for the executable
sc config "DJ.UpdateService" binPath= "\"C:\Program Files\Dynojet\Power Core\UpdateService.exe\""
Restrict Write Permissions
Remove write permissions for non-administrative users on the service directory
icacls "C:\Program Files\Dynojet\Power Core" /deny Users:(OI)(CI)W
🧯 If You Can't Patch
- Disable or remove the DJ.UpdateService if not required
- Implement strict access controls and monitoring on affected systems
🔍 How to Verify
Check if Vulnerable:
Check whether DJ.UpdateService exists and whether the BINARY_PATH_NAME value in the output is missing its surrounding quotes: sc qc "DJ.UpdateService"
Check Version:
Check installed version in Control Panel > Programs and Features or via registry: reg query "HKLM\SOFTWARE\Dynojet\Power Core" /v Version
Verify Fix Applied:
Verify service path is quoted and proper permissions are set on the directory
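The two checks above (path quoting and directory permissions) can be scripted; the following PowerShell is an added example, not code from the vendor or from the original advisory. It assumes the service name DJ.UpdateService given on this page; the function names are hypothetical, and the three SIDs treated as trusted (SYSTEM, Administrators, TrustedInstaller) are an assumption to adjust for your environment.

```powershell
function Get-ImagePath {
    param([string]$PathName)
    $p = $PathName.Trim()
    # Quoted: the image path is the text between the first pair of quotes.
    if ($p.StartsWith('"')) { return ($p -split '"')[1] }
    # Unquoted: stop at the first ".exe" so trailing arguments are excluded.
    $m = [regex]::Match($p, '^(.*?\.exe)(\s|$)', 'IgnoreCase')
    if ($m.Success) { return $m.Groups[1].Value }
    return $p
}

function Test-UnquotedServicePath {
    param([string]$PathName)
    # Flag only an unquoted image path that itself contains whitespace.
    $p = $PathName.Trim()
    return (-not $p.StartsWith('"')) -and ((Get-ImagePath $p) -match '\s')
}

function Get-NonAdminWriteAce {
    param([string]$Directory)
    # Assumed trusted: SYSTEM, BUILTIN\Administrators, NT SERVICE\TrustedInstaller
    $trusted = 'S-1-5-18', 'S-1-5-32-544',
        'S-1-5-80-956008885-3418522649-1831038044-1853292631-2271478464'
    # CreateFiles (0x2), AppendData (0x4), GENERIC_WRITE, GENERIC_ALL
    $writeMask = 0x2 -bor 0x4 -bor 0x40000000 -bor 0x10000000
    # PropagationFlags bit 2 is InheritOnly: such ACEs do not apply to this directory.
    $sid = [System.Security.Principal.SecurityIdentifier]
    (Get-Acl -LiteralPath $Directory).GetAccessRules($true, $true, $sid) |
        Where-Object {
            $_.AccessControlType -eq 'Allow' -and
            $_.IdentityReference.Value -notin $trusted -and
            ([int]$_.PropagationFlags -band 2) -eq 0 -and
            ([int]$_.FileSystemRights -band $writeMask) -ne 0
        }
}

function Get-ServicePathAudit {
    param([string]$ServiceName = 'DJ.UpdateService')  # name from this advisory
    $svc = Get-CimInstance -ClassName Win32_Service -Filter "Name='$ServiceName'"
    if (-not $svc) { Write-Warning "$ServiceName not found"; return }
    $dir = Split-Path -Parent (Get-ImagePath $svc.PathName)
    [pscustomobject]@{
        PathName   = $svc.PathName
        Unquoted   = Test-UnquotedServicePath $svc.PathName
        Directory  = $dir
        WritableBy = @(Get-NonAdminWriteAce $dir | ForEach-Object { $_.IdentityReference.Value })
    }
}
Get-ServicePathAudit
```

The fix is in place when Unquoted is False and WritableBy is empty; any SID listed in WritableBy is a principal outside the trusted set that can create files in the service directory.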
📡 Detection & Monitoring
Log Indicators:
- Service creation/modification events
- Unusual file creation in Dynojet directories
- Process execution with SYSTEM privileges from unusual paths
Network Indicators:
- Unusual outbound connections from systems running Dynojet Power Core
SIEM Query:
EventID=7045 OR (EventID=4688 AND NewProcessName LIKE '%Dynojet%') OR (EventID=4663 AND ObjectName LIKE '%Dynojet%Power Core%')