What is CVE-2016-20056?

CVE-2016-20056 is a high-severity vulnerability in Spy-emergency Spy Emergency, classified under Unquoted Search Path or Element. CVSS score: 7.8/10. Published 2026-04-04.

How severe is CVE-2016-20056?

High severity. CVSS v3 base score is 7.8 out of 10.

Vulnerability in Spy-emergency Spy Emergency

CVE-2016-20056

Spy Emergency build 23.0.205 contains an unquoted service path vulnerability in the SpyEmrgHealth and SpyEmrgSrv services that allows local attackers to escalate privileges by inserting malicious executables. Attackers can place executable…

EPSS: 0.000 (0.4th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 7.8 (High). Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H.

Affected products

Spy-emergency Spy Emergency — versions 23.0.205

Weakness classification (CWE)

CWE-428 — Unquoted Search Path or Element

References

ExploitDB-40550 (exploit)
Official Product Homepage (product)
Product Reference (product)
VulnCheck Advisory: Spy Emergency build 23.0.205 Unquoted Service Path Privilege Escalation (third-party-advisory)

Frequently asked questions

What is CVE-2016-20056?: CVE-2016-20056 is a high-severity vulnerability in Spy-emergency Spy Emergency, classified under Unquoted Search Path or Element. CVSS score: 7.8/10. Published 2026-04-04.
How severe is CVE-2016-20056?: High severity. CVSS v3 base score is 7.8 out of 10.