CVE-2023-54331

7.8 HIGH

📋 TL;DR

CVE-2023-54331 is an unquoted service path vulnerability in Outline 1.6.0 that allows local attackers to execute arbitrary code with LocalSystem privileges. This affects systems where Outline is installed with vulnerable configurations, primarily impacting Windows environments where attackers have local access.

💻 Affected Systems

Products:
  • Outline
Versions: 1.6.0
Operating Systems: Windows
Default Config Vulnerable: ⚠️ Yes
Notes: Only affects Windows systems due to the nature of Windows service path handling. Requires Outline to be installed as a service with an unquoted path.

⚠️ Risk & Real-World Impact

🔴 Worst Case

Full system compromise with LocalSystem privileges leading to complete control over the affected system, data exfiltration, and lateral movement within the network.

🟠 Likely Case

Local privilege escalation allowing attackers to gain elevated system privileges and potentially install persistent backdoors or malware.

🟢 If Mitigated

Limited impact due to proper access controls, monitoring, and restricted local user privileges preventing exploitation.

🌐 Internet-Facing: LOW - This vulnerability requires local access to the system and cannot be exploited remotely over the internet.
🏢 Internal Only: HIGH - Local attackers on the same system can exploit this vulnerability to gain elevated privileges, making it a significant internal threat.

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ✅ No
Complexity: LOW

Exploit requires local access to the system. Proof of concept is publicly available on Exploit-DB (ID 51128).

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 1.6.1 or later

Vendor Advisory: https://getoutline.org/

Restart Required: Yes

Instructions:

1. Download and install Outline version 1.6.1 or later from getoutline.org.
2. Stop the Outline service.
3. Install the updated version.
4. Restart the Outline service.
5. Verify the service path is properly quoted in Windows Services.

🔧 Temporary Workarounds

Manually Quote Service Path

windows

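Manually edit the Outline service path to include quotes around the executable path. Run from an elevated Command Prompt; the inner quotes are escaped so that they are stored as part of the service's image path.

sc config OutlineService binPath= "\"C:\Program Files\Outline\OutlineService.exe\""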

Restrict Local User Privileges

windows

Implement least privilege principles to restrict local users from writing to directories in the service path

🧯 If You Can't Patch

  • Remove local user write permissions to directories in the Outline service path hierarchy
  • Implement application whitelisting to prevent execution of unauthorized binaries

🔍 How to Verify

Check if Vulnerable:

Check if Outline version is 1.6.0 and examine the service path in Windows Services (services.msc) for unquoted paths containing spaces

Check Version:

Outline --version or check in Windows Programs and Features

Verify Fix Applied:

Verify Outline version is 1.6.1 or later and confirm the service path in Windows Services is properly quoted
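
The quoting check described above, together with the directories named under "If You Can't Patch", as an added example (not code from this advisory or from Outline): it classifies service image path strings and lists the directories whose write permissions need review. All sample values are constructed; the first service name and path are the ones used in the workaround on this page, and the function names are hypothetical.

```python
import ntpath
import re

# Constructed samples; the first name and path come from this page's workaround.
SAMPLES = {
    "OutlineService": r"C:\Program Files\Outline\OutlineService.exe",
    "OutlineServiceQuoted": r'"C:\Program Files\Outline\OutlineService.exe"',
    "NoSpaces": r"C:\Tools\agent.exe -k run",
    "WithArgs": r"C:\Program Files\Acme Agent\bin\agent.exe --service",
}

# Shortest prefix ending in ".exe" that is followed by whitespace or the end.
EXE_RE = re.compile(r"^(.*?\.exe)(?=\s|$)", re.IGNORECASE)

def executable_part(image_path):
    """Split a service ImagePath into (executable path, was it quoted)."""
    s = image_path.strip()
    if s.startswith('"'):
        end = s.find('"', 1)
        return (s[1:end] if end != -1 else s[1:]), True
    m = EXE_RE.match(s)
    return (m.group(1) if m else s), False

def is_vulnerable(image_path):
    """Unquoted and containing a space inside the executable path itself."""
    exe, quoted = executable_part(image_path)
    return not quoted and " " in exe

def dirs_to_audit(image_path):
    """Directories that must not be writable by non-administrators."""
    if not is_vulnerable(image_path):
        return []
    exe, _ = executable_part(image_path)
    dirs = []
    for m in re.finditer(" ", exe):
        # Windows may treat the text before each space as the program name,
        # so the folder that would hold that name needs a locked-down ACL.
        parent = ntpath.dirname(exe[:m.start()])
        if parent not in dirs:
            dirs.append(parent)
    return dirs

def audit(services):
    """Map each vulnerable service name to the directories to review."""
    return {n: dirs_to_audit(p) for n, p in services.items() if is_vulnerable(p)}

if __name__ == "__main__":
    for name, dirs in audit(SAMPLES).items():
        print(f"{name}: unquoted path, review write ACLs on {dirs}")
```

A path with arguments after the executable is only flagged when the space falls inside the executable path itself, so entries such as the constructed `NoSpaces` sample are not reported.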

📡 Detection & Monitoring

Log Indicators:

  • Windows Event Logs showing unexpected service modifications
  • Security logs showing privilege escalation attempts

Network Indicators:

  • Unusual outbound connections from the Outline service
  • Lateral movement attempts from the affected system

SIEM Query:

EventID=4688 AND ProcessName="OutlineService.exe" AND ParentProcessName="services.exe" AND CommandLine contains suspicious parameters
