ASUS Control Center Express <= 01.06.15 - Unquoted Service Path
ASUS Control Center Express version <= 01.06.15 contains an unquoted service path that allows attackers to escalate privileges to the SYSTEM level. Assuming attackers have write access to C:\, they can abuse the ASUS service "Apro console service" (apro_console.exe), which upon restarting will invoke C:\Program.exe with SYSTEM privileges.
The binary path of the service alone isn't susceptible, but when the service starts, it will execute C:\Program.exe as SYSTEM.
Service Name: AProConsoleService
Binary impacted: apro_console.exe
On a poorly configured system where a low-privileged user can write to the C:\ directory, that user could use this to elevate their privileges to SYSTEM.
Alaa Kachouh
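
Why C:\Program.exe is the file that gets run, as an added example (not part of the original advisory and not ASUS code): when a process is created from an unquoted command line containing spaces, Windows retries the path at each space, so the directories of the earlier candidates must not be writable by unprivileged users. The command line below is constructed for illustration; the advisory does not give the actual one.

```python
import ntpath

# Constructed sample path; not taken from the advisory.
INTENDED = r"C:\Program Files\Example Vendor\Example Agent\agent.exe"
UNQUOTED = INTENDED + " --service"
QUOTED = f'"{INTENDED}" --service'

def candidates(command_line):
    """Executables CreateProcess tries, in order, when given only a command
    line: a quoted first token is used as-is; an unquoted one is retried at
    each space, with .exe appended when the name has no extension."""
    cmd = command_line.strip()
    if cmd.startswith('"'):
        end = cmd.find('"', 1)
        return [cmd[1:end] if end != -1 else cmd[1:]]
    tokens = cmd.split(" ")
    found = []
    for i in range(1, len(tokens) + 1):
        if not tokens[i - 1]:          # skip runs of repeated spaces
            continue
        path = " ".join(tokens[:i])
        if not ntpath.splitext(path)[1]:
            path += ".exe"
        found.append(path)
    return found

def resolve(command_line, existing_files):
    """First candidate that exists (case-insensitive), as Windows picks it."""
    present = {p.lower() for p in existing_files}
    return next((c for c in candidates(command_line) if c.lower() in present), None)

def dirs_to_lock_down(command_line, intended):
    """Directories where a file would be found before the intended binary;
    these are the ACLs to audit for non-administrator write access."""
    dirs = []
    for c in candidates(command_line):
        if c.lower() == intended.lower():
            break
        d = ntpath.dirname(c)
        if d not in dirs:
            dirs.append(d)
    return dirs

if __name__ == "__main__":
    print(candidates(UNQUOTED))
    print(dirs_to_lock_down(UNQUOTED, INTENDED))
```

Quoting the path removes every candidate except the intended binary, which is why the fix is applied in the command line itself rather than only in the directory permissions.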