What is CVE-2020-37231?

CVE-2020-37231 is a high-severity vulnerability in Cybertronsoft Privacy Drive, classified under Unquoted Search Path or Element. CVSS score: 7.8/10. Published 2026-05-16.

How severe is CVE-2020-37231?

High severity. CVSS v3 base score is 7.8 out of 10.

Vulnerability in Cybertronsoft Privacy Drive

CVE-2020-37231

Privacy Drive 3.17.0 contains an unquoted service path vulnerability in the pdsvc.exe service binary that allows local attackers to escalate privileges by exploiting the service startup process. Attackers can place malicious executables in…

EPSS: 0.000 (2.6th percentile) — read the EPSS interpretation.

CVSS v3 metric

CVSS v3 base score 7.8 (High). Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H.

Affected products

Cybertronsoft Privacy Drive — versions 3.17.0 Build 1456

Weakness classification (CWE)

CWE-428 — Unquoted Search Path or Element

References

disclosure@vulncheck.com (exploit)
disclosure@vulncheck.com (product)
disclosure@vulncheck.com (product)
disclosure@vulncheck.com (third-party-advisory)

Frequently asked questions

What is CVE-2020-37231?: CVE-2020-37231 is a high-severity vulnerability in Cybertronsoft Privacy Drive, classified under Unquoted Search Path or Element. CVSS score: 7.8/10. Published 2026-05-16.
How severe is CVE-2020-37231?: High severity. CVSS v3 base score is 7.8 out of 10.