CVE-2023-53965

SOUND4 Server Service 4.1.102 Local Privilege Escalation via Unquoted Service Path

Description

SOUND4 Server Service 4.1.102 contains an unquoted service path vulnerability that allows local non-privileged users to potentially execute code with elevated system privileges. Attackers can exploit the unquoted binary path by inserting malicious code in the system root path that could execute with LocalSystem privileges during service startup.

INFO

Published Date :

2025-12-22T21:35:29.980Z

Last Modified :

2025-12-22T22:05:26.914Z

Source :

VulnCheck

AFFECTED PRODUCTS

The following products are affected by CVE-2023-53965 vulnerability.

Vendors	Products
Sound4	Big Voice Big Voice Firmware First First Firmware Impact Impact Eco Impact Eco Firmware Impact Firmware Ip Connect Ip Connect Firmware Playout Ula8 Playout Ula8 Firmware Pulse Pulse Eco Pulse Eco Firmware Pulse Firmware Server Service Stream X2 Stream X2 Firmware Stream X4 Stream X4 Firmware Stream X8 Stream X8 Firmware Voice Ula2 Voice Ula2 Firmware Voice Ula4 Voice Ula4 Firmware Voice Ula8 Voice Ula8 Firmware Wm2 Wm2 Firmware

Vendors

Products

Sound4

Big Voice
Big Voice Firmware
First
First Firmware
Impact
Impact Eco
Impact Eco Firmware
Impact Firmware
Ip Connect
Ip Connect Firmware
Playout Ula8
Playout Ula8 Firmware
Pulse
Pulse Eco
Pulse Eco Firmware
Pulse Firmware
Server Service
Stream X2
Stream X2 Firmware
Stream X4
Stream X4 Firmware
Stream X8
Stream X8 Firmware
Voice Ula2
Voice Ula2 Firmware
Voice Ula4
Voice Ula4 Firmware
Voice Ula8
Voice Ula8 Firmware
Wm2
Wm2 Firmware

REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2023-53965.

URL	Resource
https://web.archive.org/web/20221207074555/https://www.sound4.com/
https://www.exploit-db.com/exploits/51167
https://www.vulncheck.com/advisories/sound-server-service-local-privilege-escalation-via-unquoted-service-path
https://www.zeroscience.mk/en/vulnerabilities/ZSL-2022-5721.php