
CVE-2025-66461: Unquoted search path or element in GS Yuasa International Ltd. FULLBACK Manager Pro (for Windows)

Severity: Medium
Published: Mon Dec 08 2025 (12/08/2025, 09:31:44 UTC)
Source: CVE Database V5
Vendor/Project: GS Yuasa International Ltd.
Product: FULLBACK Manager Pro (for Windows)

Description

FULLBACK Manager Pro provided by GS Yuasa International Ltd. registers two Windows services with unquoted file paths. A user may execute arbitrary code with SYSTEM privilege if he/she has the write permission on the path to the directory where the affected product is installed.

AI-Powered Analysis

Last updated: 12/08/2025, 10:00:50 UTC

Technical Analysis

CVE-2025-66461 is a security vulnerability identified in GS Yuasa International Ltd.'s FULLBACK Manager Pro software for Windows, specifically versions 4.00 and earlier. The vulnerability stems from the registration of two Windows services with unquoted file paths. When a service executable path contains spaces and is not enclosed in quotes, Windows resolves it ambiguously: it tries each space-delimited prefix of the path as an executable before reaching the intended one, so a binary placed in a higher-level directory can be run instead. This condition is known as an unquoted search path or unquoted service path vulnerability. An attacker who has write permissions on any directory in the path leading to the service executable can place a malicious executable that will be run with SYSTEM privileges when the service starts or restarts. This effectively allows privilege escalation from a user with write access to full system control. The CVSS v3.0 score of 6.7 reflects a medium severity, with the vector indicating local attack vector (AV:L), low attack complexity (AC:L), high privileges required (PR:H), no user interaction (UI:N), unchanged scope (S:U), and high impact on confidentiality, integrity, and availability (C:H/I:H/A:H). No public exploits have been reported yet, but the vulnerability represents a significant risk in environments where users have write access to installation directories. The lack of patches or updates linked in the report suggests that mitigation relies on restricting directory permissions or applying vendor fixes once available.

Potential Impact

For European organizations, this vulnerability poses a risk of local privilege escalation, potentially allowing attackers with limited access to gain full SYSTEM privileges. This can lead to unauthorized data access, system manipulation, or disruption of critical services. Organizations in manufacturing, industrial control, or sectors relying on GS Yuasa's FULLBACK Manager Pro may face operational disruptions or data breaches. The impact is particularly severe in environments where multiple users have write access to software installation directories, such as shared workstations or poorly managed endpoints. Given the high impact on confidentiality, integrity, and availability, exploitation could facilitate lateral movement, persistence, or deployment of ransomware. The absence of known exploits reduces immediate risk but does not eliminate the threat, especially as attackers often target unquoted service path vulnerabilities due to their straightforward exploitation. European entities with strict regulatory requirements around data protection and operational continuity must address this vulnerability promptly to avoid compliance violations and reputational damage.

Mitigation Recommendations

European organizations should immediately audit the file system permissions of directories where FULLBACK Manager Pro is installed to ensure that only trusted administrators have write access. Removing write permissions for non-administrative users on these directories will prevent exploitation. Additionally, organizations should monitor for the release of official patches or updates from GS Yuasa International Ltd. and apply them promptly. As a temporary workaround, administrators can manually quote the service executable paths in the Windows service configuration using tools like 'sc config' or PowerShell to prevent path hijacking. Employing application whitelisting and endpoint protection solutions that detect unauthorized service modifications or suspicious executable placements can further reduce risk. Regularly reviewing and hardening local privilege assignments and employing the principle of least privilege will limit the potential for exploitation. Finally, educating IT staff about the risks of unquoted service paths and ensuring secure software installation practices will help prevent similar vulnerabilities.
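The audit and the quoting workaround described above can be combined in one read-only check. This is an added example, not code from the vendor or the CVE record: it lists services whose image path is unquoted and contains spaces, the directories whose ACLs decide whether the path is abusable, and the quoted value to set. The function name, the trusted-SID list and the `*FULLBACK*` filter are assumptions, since the page gives neither the service names nor the install path.

```powershell
# Added example: read-only audit of unquoted service paths.
# Principals treated as trusted writers (assumption; extend for your environment).
$trusted = @(
    'S-1-5-18',      # NT AUTHORITY\SYSTEM
    'S-1-5-32-544',  # BUILTIN\Administrators
    'S-1-5-80-956008885-3418522649-1831038044-1853292631-2271478464'  # TrustedInstaller
)
$sidType   = [System.Security.Principal.SecurityIdentifier]
# WriteData on a directory means "create files"; generic-rights ACEs are not decoded here.
$writeData = [int][System.Security.AccessControl.FileSystemRights]::WriteData

function Get-UnquotedServicePath {   # hypothetical helper name
    param([string]$PathLike = '*')   # e.g. '*FULLBACK*' (assumed folder name)
    Get-CimInstance -ClassName Win32_Service |
      Where-Object { $_.PathName -and $_.PathName -like $PathLike } |
      ForEach-Object {
        $svc = $_
        $raw = $svc.PathName.Trim()
        if ($raw.StartsWith('"')) { return }                   # already quoted
        $m = [regex]::Match($raw, '^(.+?\.exe)(\s.*)?$', 'IgnoreCase')
        if (-not $m.Success) { return }
        $exe  = $m.Groups[1].Value                             # executable path
        $rest = $m.Groups[2].Value                             # service arguments, if any
        if (-not $exe.Contains(' ')) { return }                # no space, no ambiguity
        # Each space ends a prefix Windows may try first; the directory holding
        # that prefix must not be writable by untrusted principals.
        $dirs = for ($i = $exe.IndexOf(' '); $i -ge 0; $i = $exe.IndexOf(' ', $i + 1)) {
            [System.IO.Path]::GetDirectoryName($exe.Substring(0, $i))
        }
        foreach ($dir in ($dirs | Where-Object { $_ } | Select-Object -Unique)) {
            $writers = (Get-Acl -LiteralPath $dir).GetAccessRules($true, $true, $sidType) |
                Where-Object { $_.AccessControlType -eq 'Allow' -and
                               (([int]$_.FileSystemRights -band $writeData) -ne 0) -and
                               $trusted -notcontains $_.IdentityReference.Value }
            [pscustomobject]@{
                Service    = $svc.Name
                Directory  = $dir
                WritableBy = ($writers.IdentityReference.Value | Select-Object -Unique) -join ', '
                QuotedPath = '"' + $exe + '"' + $rest          # corrected ImagePath value
            }
        }
      }
}

Get-UnquotedServicePath | Format-List
# Remediation (elevated): set QuotedPath as ImagePath under
# HKLM:\SYSTEM\CurrentControlSet\Services\<Service>, then restart the service.
```

A row with a non-empty `WritableBy` is the exploitable combination: an unquoted path plus a directory that an untrusted principal can create files in.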


Technical Details

Data Version: 5.2
Assigner Short Name: jpcert
Date Reserved: 2025-12-02T01:22:39.267Z
CVSS Version: 3.0
State: PUBLISHED

Threat ID: 69369e58b488c525a1d75c5e

Added to database: 12/8/2025, 9:46:00 AM

Last enriched: 12/8/2025, 10:00:50 AM

Last updated: 12/11/2025, 12:30:05 AM
