📧 info@ciso.sa | 📱 +966550939344 | Riyadh, Kingdom of Saudi Arabia
About FAQ Contact Us Terms of Service Privacy Policy 🌐 العربية
🔐

Welcome — Sign in or create an account for full access.

🔑 Sign In ✨ Register
🌐 العربية Sign In Create Account
🔧 Scheduled Maintenance — Saturday 2:00-4:00 AM AST. Some features may be temporarily unavailable.    ●   
💎
Pro Plan 50% Off Unlock all AI features, unlimited reports, and priority support. Upgrade
Search Center
ESC to close
navigate open Ctrl+K search
CISO Consulting
Global supply_chain Software Development and Technology HIGH 3h Global apt Government/Critical Infrastructure CRITICAL 5h Global vulnerability Enterprise Software / Data Analytics CRITICAL 5h Global vulnerability Artificial Intelligence and Technology HIGH 9h Global general Technology and Artificial Intelligence MEDIUM 12h Global general Technology and Artificial Intelligence HIGH 13h Global vulnerability Higher Education CRITICAL 22h Global data_breach Government HIGH 23h Global supply_chain Software Development and Open Source Communities CRITICAL 23h Global malware Software Development CRITICAL 23h Global supply_chain Software Development and Technology HIGH 3h Global apt Government/Critical Infrastructure CRITICAL 5h Global vulnerability Enterprise Software / Data Analytics CRITICAL 5h Global vulnerability Artificial Intelligence and Technology HIGH 9h Global general Technology and Artificial Intelligence MEDIUM 12h Global general Technology and Artificial Intelligence HIGH 13h Global vulnerability Higher Education CRITICAL 22h Global data_breach Government HIGH 23h Global supply_chain Software Development and Open Source Communities CRITICAL 23h Global malware Software Development CRITICAL 23h Global supply_chain Software Development and Technology HIGH 3h Global apt Government/Critical Infrastructure CRITICAL 5h Global vulnerability Enterprise Software / Data Analytics CRITICAL 5h Global vulnerability Artificial Intelligence and Technology HIGH 9h Global general Technology and Artificial Intelligence MEDIUM 12h Global general Technology and Artificial Intelligence HIGH 13h Global vulnerability Higher Education CRITICAL 22h Global data_breach Government HIGH 23h Global supply_chain Software Development and Open Source Communities CRITICAL 23h Global malware Software Development CRITICAL 23h
Vulnerabilities

CVE-2020-37102

High
Adaware Web Companion 4.9.2159 contains an unquoted service path vulnerability in the WCAssistantService that allows local attackers to potentially execute arbitrary code. Attackers can exploit the un
CWE-428 — Weakness Type
Published: Feb 3, 2026  ·  Modified: Feb 28, 2026  ·  Source: NVD
CVSS v3
7.8
🔗 NVD Official
📄 Description (English)

Adaware Web Companion 4.9.2159 contains an unquoted service path vulnerability in the WCAssistantService that allows local attackers to potentially execute arbitrary code. Attackers can exploit the unquoted binary path to inject malicious executables that will be run with LocalSystem privileges during service startup.

🤖 AI Executive Summary

CVE-2020-37102 is a privilege escalation vulnerability in Adaware Web Companion 4.9.2159 affecting the WCAssistantService through an unquoted service path. Local attackers can inject malicious executables into the service path to achieve arbitrary code execution with LocalSystem privileges. While no public exploit is available, the vulnerability poses significant risk to organizations using this security software, particularly in Saudi banking and government sectors where Adaware may be deployed.

📄 Description (Arabic)

🤖 AI Intelligence Analysis Analyzed: Apr 27, 2026 17:20
🇸🇦 Saudi Arabia Impact Assessment
This vulnerability primarily impacts Saudi organizations in the Banking sector (SAMA-regulated institutions), Government agencies (NCA oversight), and Healthcare organizations that have deployed Adaware Web Companion as endpoint protection. The LocalSystem privilege execution capability makes this particularly dangerous for systems handling sensitive financial data, classified government information, and patient records. Organizations in the Energy sector (ARAMCO subsidiaries) and Telecom (STC, Mobily) may also be affected if Adaware is part of their security infrastructure.
🏢 Affected Saudi Sectors
Banking Government Healthcare Energy Telecommunications
⚖️ Saudi Risk Score (AI)
7.2
/ 10.0
🔧 Remediation Steps (English)
Immediate Actions:

1. Identify all systems running Adaware Web Companion 4.9.2159 across your organization

2. Restrict local administrative access and implement principle of least privilege

3. Monitor WCAssistantService startup and execution patterns for anomalies



Patching Guidance:

1. Upgrade Adaware Web Companion to version 4.9.2160 or later immediately

2. Verify patch installation by checking service binary path configuration

3. Restart affected systems after patching to ensure service updates



Compensating Controls (if immediate patching not possible):

1. Disable WCAssistantService if not critical to operations

2. Implement Application Whitelisting on endpoints to prevent unauthorized executable execution

3. Use Windows AppLocker to restrict execution in service paths

4. Monitor file system changes in Program Files directories



Detection Rules:

1. Alert on any executable creation in Adaware installation directories with suspicious names

2. Monitor WCAssistantService startup with non-standard binary paths

3. Track privilege escalation attempts from service context

4. Log all modifications to service registry entries (HKLM\System\CurrentControlSet\Services\WCAssistantService)
🔧 خطوات المعالجة (العربية)
الإجراءات الفورية:

1. تحديد جميع الأنظمة التي تقوم بتشغيل Adaware Web Companion 4.9.2159 عبر مؤسستك

2. تقييد الوصول الإداري المحلي وتطبيق مبدأ الامتياز الأقل

3. مراقبة بدء تشغيل خدمة WCAssistantService وأنماط التنفيذ للكشف عن الشذوذ



إرشادات التصحيح:

1. ترقية Adaware Web Companion إلى الإصدار 4.9.2160 أو أحدث على الفور

2. التحقق من تثبيت التصحيح بفحص تكوين مسار الملف الثنائي للخدمة

3. إعادة تشغيل الأنظمة المتأثرة بعد التصحيح لضمان تحديثات الخدمة



الضوابط البديلة (إذا لم يكن التصحيح الفوري ممكناً):

1. تعطيل خدمة WCAssistantService إذا لم تكن حرجة للعمليات

2. تطبيق قائمة التطبيقات المسموحة على نقاط النهاية لمنع تنفيذ الملفات التنفيذية غير المصرح بها

3. استخدام Windows AppLocker لتقييد التنفيذ في مسارات الخدمة

4. مراقبة التغييرات في نظام الملفات في دلائل Program Files



قواعد الكشف:

1. تنبيه عند إنشاء أي ملف تنفيذي في دلائل تثبيت Adaware بأسماء مريبة

2. مراقبة بدء تشغيل خدمة WCAssistantService بمسارات ثنائية غير قياسية

3. تتبع محاولات تصعيد الامتيازات من سياق الخدمة

4. تسجيل جميع التعديلات على إدخالات سجل الخدمة
📋 Regulatory Compliance Mapping
🟢 NCA ECC 2024
A.5.1.1 - Information Security Policies and Procedures A.6.1.1 - Organization of Information Security A.12.6.1 - Management of Technical Vulnerabilities A.14.2.1 - Secure Development Policy
🔵 SAMA CSF
ID.RA-1 - Asset Management and Vulnerability Management PR.IP-12 - Software, Firmware, and Information Updates DE.CM-8 - Vulnerability Scans
🟡 ISO 27001:2022
A.12.6.1 - Management of technical vulnerabilities A.14.2.1 - Secure development policy and procedures A.12.2.1 - Restrictions on software installation
🟣 PCI DSS v4.0.1
6.2 - Ensure all system components and software are protected from known vulnerabilities 6.1 - Maintain a process to identify and assign a risk rating to newly discovered security vulnerabilities
📊 CVSS Score
7.8
/ 10.0 — High
📊 CVSS Vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Attack VectorL — Low / Local
Attack ComplexityL — Low / Local
Privileges RequiredL — Low / Local
User InteractionN — None / Network
ScopeU — Unchanged
ConfidentialityH — High
IntegrityH — High
AvailabilityH — High
📋 Quick Facts
Severity High
CVSS Score7.8
CWECWE-428
EPSS0.01%
Exploit No
Patch ✓ Yes
Published 2026-02-03
Source Feed nvd
Views 5
🇸🇦 Saudi Risk Score
7.2
/ 10.0 — Saudi Risk
Priority: HIGH
🏷️ Tags
CWE-428
⚡ Actions
🔗 NVD Official Page ⚡ Exploit-DB Search 🐙 GitHub PoC Search 🎯 MITRE ATT&CK 📊 CVE Details
Share this CVE
LinkedIn X / Twitter WhatsApp Telegram

💬 Comments

0
Loading comments
📣 Found this valuable?
Share it with your cybersecurity network
in LinkedIn 𝕏 X / Twitter 💬 WhatsApp ✈ Telegram
🍪 Privacy Preferences
CISO Consulting — Compliant with Saudi Personal Data Protection Law (PDPL)
We use cookies and similar technologies to provide the best experience on our platform. You can choose which types you accept.
🔒
Essential Always On
Required for the website to function properly. Cannot be disabled.
📋 Sessions, CSRF tokens, authentication, language preferences
📊
Analytics
Help us understand how visitors use the site and improve performance.
📋 Page views, session duration, traffic sources, performance metrics
⚙️
Functional
Enable enhanced features like content personalization and preferences.
📋 Dark/light theme, font size, custom dashboards, saved filters
📣
Marketing
Used to deliver content and ads relevant to your interests.
📋 Campaign tracking, retargeting, social media analytics
Privacy Policy →
CISO AI Assistant
Ask anything · Documents · Support
🔐

Introduce Yourself

Enter your details to access the full assistant

Your info is private and never shared
💬
CyberAssist
Online · responds in seconds
5 / 5
🔐 Verify Your Identity

Enter your email to receive a verification code before submitting a support request.

Enter to send · / for commands 0 / 2000
CISO AI · Powered by Anthropic Claude
✦ Quick Survey Help Us Improve CISO Consulting Your feedback shapes the future of our platform — takes less than 2 minutes.
⚠ Please answer this question to continue

How would you rate your overall experience with our platform?

Rate from 1 (poor) to 5 (excellent)

🎉
Thank you!
Your response has been recorded.