CVE-2023-53912
low-risk
Published 2025-12-17
USB Flash Drives Control 4.1.0.0 contains an unquoted service path vulnerability in its service configuration that allows local attackers to potentially execute arbitrary code. Attackers can exploit the unquoted path in 'C:\Program Files\USB Flash Drives Control\usbcs.exe' to inject malicious executables and escalate privileges on Windows systems.
Do I need to act?
-
0.02% chance of exploitation
EPSS score — low exploit probability
-
Not on CISA KEV list
No confirmed active exploitation reported to CISA
?
Patch status unknown
Check vendor advisories for fix availability and mitigation guidance
6
CVSS 6.2/10
Medium
LOCAL
/ LOW complexity
25
/ 100
low-risk
Severity
20/34 · Moderate
Exploitability
0/34 · Minimal
Exposure
5/34 · Minimal