PanteraSoft HDD Health search path or unquoted item vulnerability

Posted date 02/02/2024
4 - High
Affected Resources
  • PanteraSoft HDD Health, versions and earlier.

INCIBE has coordinated the publication of a high severity vulnerability affecting HDD Health, a hard disk monitoring tool developed by PanteraSoft, which has been discovered by Jorge Manuel Lozano Gómez.

This vulnerability has been assigned the following code, CVSS v3.1 base score, CVSS vector and vulnerability type CWE:

  • CVE-2024-1201: 7.8 | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | CWE-428.

There is no reported solution at this time.


CVE-2024-1201: search path or unquoted item vulnerability in HDD Health affecting versions and earlier. This vulnerability could allow a local attacker to store a malicious executable file within the unquoted search path, resulting in privilege escalation.

References list