📧 info@ciso.sa | 📱 +966550939344 | Riyadh, Kingdom of Saudi Arabia
About FAQ Contact Us Terms of Service Privacy Policy 🌐 العربية
🔐

Welcome — Sign in or create an account for full access.

🔑 Sign In ✨ Register
🌐 العربية Sign In Create Account
🔧 Scheduled Maintenance — Saturday 2:00-4:00 AM AST. Some features may be temporarily unavailable.    ●   
💎
Pro Plan 50% Off Unlock all AI features, unlimited reports, and priority support. Upgrade
Search Center
ESC to close
navigate open Ctrl+K search
CISO Consulting
Global vulnerability Information Technology CRITICAL 1h Global phishing Multiple Sectors HIGH 1h Global vulnerability Technology/Software HIGH 2h Global general Multiple sectors MEDIUM 4h Global phishing Telecommunications and Financial Services HIGH 4h Global data_breach Utilities and Critical Infrastructure HIGH 20h Global vulnerability Technology/Software MEDIUM 1d Global malware Multiple sectors (general) HIGH 1d Global apt Government CRITICAL 2d Global apt Critical Infrastructure / Nuclear Energy CRITICAL 2d Global vulnerability Information Technology CRITICAL 1h Global phishing Multiple Sectors HIGH 1h Global vulnerability Technology/Software HIGH 2h Global general Multiple sectors MEDIUM 4h Global phishing Telecommunications and Financial Services HIGH 4h Global data_breach Utilities and Critical Infrastructure HIGH 20h Global vulnerability Technology/Software MEDIUM 1d Global malware Multiple sectors (general) HIGH 1d Global apt Government CRITICAL 2d Global apt Critical Infrastructure / Nuclear Energy CRITICAL 2d Global vulnerability Information Technology CRITICAL 1h Global phishing Multiple Sectors HIGH 1h Global vulnerability Technology/Software HIGH 2h Global general Multiple sectors MEDIUM 4h Global phishing Telecommunications and Financial Services HIGH 4h Global data_breach Utilities and Critical Infrastructure HIGH 20h Global vulnerability Technology/Software MEDIUM 1d Global malware Multiple sectors (general) HIGH 1d Global apt Government CRITICAL 2d Global apt Critical Infrastructure / Nuclear Energy CRITICAL 2d
Vulnerabilities

CVE-2022-50693

High
Splashtop 8.71.12001.0 contains an unquoted service path vulnerability in the Splashtop Software Updater Service that allows local attackers to potentially execute arbitrary code. Attackers can exploi
CWE-428 — Weakness Type
Published: Jan 13, 2026  ·  Modified: Feb 28, 2026  ·  Source: NVD
CVSS v3
8.4
🔗 NVD Official
📄 Description (English)

Splashtop 8.71.12001.0 contains an unquoted service path vulnerability in the Splashtop Software Updater Service that allows local attackers to potentially execute arbitrary code. Attackers can exploit the unquoted path in C:\Program Files (x86)\Splashtop\Splashtop Software Updater\ to inject malicious executables and escalate privileges.

🤖 AI Executive Summary

CVE-2022-50693 is a local privilege escalation vulnerability in Splashtop Software Updater Service (version 8.71.12001.0) caused by an unquoted service path. Attackers with local access can inject malicious executables into the service path to achieve arbitrary code execution with elevated privileges. While no public exploit is available, the vulnerability has a CVSS score of 8.4 and poses significant risk to organizations using Splashtop for remote access and support.

📄 Description (Arabic)

🤖 AI Intelligence Analysis Analyzed: Apr 24, 2026 16:02
🇸🇦 Saudi Arabia Impact Assessment
This vulnerability primarily impacts Saudi organizations in Banking (remote IT support), Government agencies (NCA, GOSI, MOH), Telecommunications (STC, Mobily), and Energy sectors (ARAMCO) that rely on Splashtop for remote access and technical support. The local privilege escalation risk is particularly severe in environments with shared workstations or where insider threats are a concern. Financial institutions and critical infrastructure operators face elevated risk of unauthorized system access and data exfiltration.
🏢 Affected Saudi Sectors
Banking and Financial Services Government and Public Administration Healthcare Energy and Utilities Telecommunications Critical Infrastructure
⚖️ Saudi Risk Score (AI)
7.8
/ 10.0
🔧 Remediation Steps (English)
Immediate Actions:

1. Identify all systems running Splashtop Software Updater version 8.71.12001.0 or earlier using asset inventory tools

2. Restrict local access to affected systems through access controls and user privilege management

3. Monitor for suspicious process execution from C:\Program Files (x86)\Splashtop\Splashtop Software Updater\ directory



Patching Guidance:

1. Update Splashtop Software Updater to version 8.71.12002.0 or later immediately

2. Verify patch installation by checking service properties and file version numbers

3. Test updates in non-production environments first



Compensating Controls:

1. Implement application whitelisting to prevent unauthorized executable execution in Splashtop directories

2. Enable Windows Defender Application Guard or similar sandboxing for Splashtop processes

3. Enforce principle of least privilege - run Splashtop services with minimal required permissions

4. Implement file integrity monitoring on C:\Program Files (x86)\Splashtop\ directory



Detection Rules:

1. Monitor for file creation/modification in Splashtop installation directories by non-system accounts

2. Alert on service restart events for Splashtop Software Updater Service

3. Track process execution with parent process being Splashtop Software Updater Service

4. Monitor for privilege escalation events following Splashtop service activity
🔧 خطوات المعالجة (العربية)
الإجراءات الفورية:

1. تحديد جميع الأنظمة التي تقوم بتشغيل Splashtop Software Updater الإصدار 8.71.12001.0 أو أقدم باستخدام أدوات جرد الأصول

2. تقييد الوصول المحلي للأنظمة المتأثرة من خلال عناصر التحكم في الوصول وإدارة امتيازات المستخدم

3. مراقبة تنفيذ العمليات المريبة من دليل C:\Program Files (x86)\Splashtop\Splashtop Software Updater\



إرشادات التصحيح:

1. تحديث Splashtop Software Updater إلى الإصدار 8.71.12002.0 أو أحدث فورًا

2. التحقق من تثبيت التصحيح بفحص خصائص الخدمة وأرقام إصدار الملفات

3. اختبار التحديثات في بيئات غير الإنتاج أولاً



عناصر التحكم البديلة:

1. تنفيذ قائمة بيضاء للتطبيقات لمنع تنفيذ ملفات تنفيذية غير مصرح بها في أدلة Splashtop

2. تفعيل Windows Defender Application Guard أو حماية مماثلة لعمليات Splashtop

3. فرض مبدأ أقل امتياز - تشغيل خدمات Splashtop برفع صلاحيات محدود

4. تنفيذ مراقبة سلامة الملفات على دليل C:\Program Files (x86)\Splashtop\



قواعد الكشف:

1. مراقبة إنشاء/تعديل الملفات في أدلة تثبيت Splashtop بواسطة حسابات غير النظام

2. تنبيه أحداث إعادة تشغيل الخدمة لخدمة Splashtop Software Updater

3. تتبع تنفيذ العملية مع كون العملية الأب هي خدمة Splashtop Software Updater

4. مراقبة أحداث تصعيد الامتيازات بعد نشاط Splashtop
📋 Regulatory Compliance Mapping
🟢 NCA ECC 2024
5.1.1 - Access Control and Authentication 5.2.1 - Privilege Management 5.3.1 - Malware Protection 6.1.1 - Vulnerability Management 6.2.1 - Patch Management
🔵 SAMA CSF
ID.AM-2 - Software Inventory PR.AC-1 - Access Control PR.PT-2 - Protective Technology DE.CM-4 - Malicious Code Detection RS.MI-2 - Incident Response
🟡 ISO 27001:2022
A.5.15 - Access Control A.6.1.2 - Segregation of Duties A.8.1.1 - Asset Inventory A.12.2.1 - Change Management A.12.6.1 - Management of Technical Vulnerabilities
🟣 PCI DSS v4.0
2.2.4 - Configure system security parameters 6.2 - Ensure security patches are installed 8.1 - Assign unique user ID 8.2.3 - Passwords with strong cryptography
📊 CVSS Score
8.4
/ 10.0 — High
📊 CVSS Vector
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Attack VectorL — Low / Local
Attack ComplexityL — Low / Local
Privileges RequiredN — None / Network
User InteractionN — None / Network
ScopeU — Unchanged
ConfidentialityH — High
IntegrityH — High
AvailabilityH — High
📋 Quick Facts
Severity High
CVSS Score8.4
CWECWE-428
EPSS0.02%
Exploit No
Patch ✓ Yes
Published 2026-01-13
Source Feed nvd
Views 4
🇸🇦 Saudi Risk Score
7.8
/ 10.0 — Saudi Risk
Priority: HIGH
🏷️ Tags
CWE-428
⚡ Actions
🔗 NVD Official Page ⚡ Exploit-DB Search 🐙 GitHub PoC Search 🎯 MITRE ATT&CK 📊 CVE Details
Share this CVE
LinkedIn X / Twitter WhatsApp Telegram
📣 Found this valuable?
Share it with your cybersecurity network
in LinkedIn 𝕏 X / Twitter 💬 WhatsApp ✈ Telegram
🍪 Privacy Preferences
CISO Consulting — Compliant with Saudi Personal Data Protection Law (PDPL)
We use cookies and similar technologies to provide the best experience on our platform. You can choose which types you accept.
🔒
Essential Always On
Required for the website to function properly. Cannot be disabled.
📋 Sessions, CSRF tokens, authentication, language preferences
📊
Analytics
Help us understand how visitors use the site and improve performance.
📋 Page views, session duration, traffic sources, performance metrics
⚙️
Functional
Enable enhanced features like content personalization and preferences.
📋 Dark/light theme, font size, custom dashboards, saved filters
📣
Marketing
Used to deliver content and ads relevant to your interests.
📋 Campaign tracking, retargeting, social media analytics
Privacy Policy →
CISO AI Assistant
Ask anything · Documents · Support
🔐

Introduce Yourself

Enter your details to access the full assistant

Your info is private and never shared
💬
CyberAssist
Online · responds in seconds
5 / 5
🔐 Verify Your Identity

Enter your email to receive a verification code before submitting a support request.

Enter to send · / for commands 0 / 2000
CISO AI · Powered by Anthropic Claude
✦ Quick Survey Help Us Improve CISO Consulting Your feedback shapes the future of our platform — takes less than 2 minutes.
⚠ Please answer this question to continue

How would you rate your overall experience with our platform?

Rate from 1 (poor) to 5 (excellent)

🎉
Thank you!
Your response has been recorded.