CVE-2016-20060

HIGH NVD

CVSS Score 7.8

Severity HIGH

Published Apr 04, 2026

Vendor unknown

Description

Hotspot Shield 6.0.3 contains an unquoted service path vulnerability in the hshld service binary that allows local attackers to escalate privileges by injecting malicious executables. Attackers can place executable files in the service path and upon service restart or system reboot, the malicious code executes with LocalSystem privileges.

References

https://www.exploit-db.com/exploits/40528
https://www.hotspotshield.com
https://www.hotspotshield.com/download/
https://www.vulncheck.com/advisories/hotspot-shield-unquoted-service-path-privilege-escalation