CVE-2026-27615: CWE-40: Path Traversal: '\\UNC\share\name\' (Windows UNC Share) in Alex4SSB ADB-Explorer
ADB Explorer is a fluent UI for ADB on Windows. In versions prior to Beta 0.9.26022, ADB-Explorer allows the `ManualAdbPath` settings variable, which determines the path of the ADB binary to be executed, to be set to a Universal Naming Convention (UNC) path in the application's settings file. This allows an attacker to set the binary's path to point to a remote network resource, hosted on an attacker-controlled network share, thus granting the attacker full control over the binary being executed by the app. An attacker may leverage this vulnerability to execute code remotely on a victim's machine with the privileges of the user running the app. Exploitation is made possible by convincing a victim to run a shortcut of the app that points to a custom `App.txt` settings file, which sets `ManualAdbPath` (for example, when downloaded in an archive file). Version Beta 0.9.26022 fixes the issue.
AI Analysis
Technical Summary
CVE-2026-27615 is a path traversal vulnerability categorized under CWE-40 and CWE-829 affecting the Windows application ADB-Explorer by Alex4SSB. The vulnerability arises from the application's 'ManualAdbPath' configuration variable, which specifies the path to the ADB binary executed by the app. In versions before Beta 0.9.26022, this setting can be configured to a Universal Naming Convention (UNC) path pointing to a remote network share. An attacker can exploit this by crafting a malicious 'App.txt' settings file that sets 'ManualAdbPath' to a UNC share under attacker control. When a victim runs a shortcut to the app that loads this malicious settings file, the app executes the binary from the remote share, effectively running attacker-controlled code on the victim's machine with the same privileges as the user. The vulnerability requires user interaction (running the crafted shortcut) and does not require prior authentication. The attack leverages Windows UNC path handling and the app's trust in the settings file location. The vulnerability is rated with a CVSS 4.0 score of 8.8 (high severity), reflecting its potential for remote code execution, high impact on confidentiality, integrity, and availability, and the requirement for user interaction but no authentication. The issue was addressed in Beta 0.9.26022 by disallowing UNC paths for 'ManualAdbPath' or by validating the path input to prevent remote execution. No public exploits have been reported yet, but the vulnerability poses a significant risk due to the ease of social engineering and the potential for privilege escalation.
Potential Impact
If exploited, this vulnerability allows attackers to execute arbitrary code remotely on a victim's Windows machine with the privileges of the user running ADB-Explorer. This can lead to full system compromise, including data theft, installation of persistent malware, lateral movement within networks, and disruption of services. Because the attack vector involves user interaction via a malicious shortcut and settings file, targeted spear-phishing or supply chain attacks could leverage this to compromise developers or IT personnel who use ADB-Explorer for Android device management. The impact extends to organizations relying on ADB-Explorer in their development or device management workflows, potentially exposing sensitive intellectual property or internal network access. The vulnerability undermines system integrity and confidentiality and can cause availability issues if malicious payloads disrupt system operations. Given the high CVSS score and the nature of the vulnerability, organizations face a significant risk until patched.
Mitigation Recommendations
1. Immediately update ADB-Explorer to version Beta 0.9.26022 or later, which contains the fix preventing UNC path usage for 'ManualAdbPath'.
2. Implement strict controls on the distribution and execution of shortcuts and configuration files related to ADB-Explorer, ensuring they originate from trusted sources only.
3. Educate users, especially developers and IT staff, about the risks of running untrusted shortcuts or configuration files, emphasizing the social engineering aspect of this attack.
4. Employ endpoint protection solutions capable of detecting and blocking execution of binaries from untrusted network shares or unusual UNC paths.
5. Restrict network access to SMB shares and monitor for unusual UNC path access attempts on Windows hosts running ADB-Explorer.
6. Use application whitelisting to prevent execution of unauthorized binaries, particularly those loaded from network shares.
7. Regularly audit and monitor ADB-Explorer configurations to detect unauthorized changes to the 'ManualAdbPath' setting.
8. Consider isolating development environments or using virtual machines for running tools like ADB-Explorer to limit the blast radius of potential exploitation.
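An added example, not ADB-Explorer's own code or its fix: a Python check an auditor could run over collected 'ManualAdbPath' values (recommendation 7), covering the remote-path spellings that a plain leading-double-backslash test misses. Reading the value out of 'App.txt' is left out because the page does not describe that file's layout; the function names, sample values and host name are constructed.

```python
import re

# Prefixes are compared after converting "/" to "\" and lower-casing.
_UNC_DEVICE = ("\\\\?\\unc\\", "\\\\.\\unc\\")  # \\?\UNC\host\share, \\.\UNC\host\share
_DEVICE = ("\\\\?\\", "\\\\.\\")                # \\?\C:\..., \\.\pipe\...
_DRIVE_ABS = re.compile(r"^[a-z]:\\")


def classify_adb_path(value: str) -> str:
    """Return 'unc', 'device', 'drive' or 'relative' for a configured path."""
    p = value.strip().strip('"').replace("/", "\\").lower()
    if p.startswith(_UNC_DEVICE):
        return "unc"
    if p.startswith(_DEVICE):
        return "device"
    if p.startswith("\\\\"):
        return "unc"  # \\host\share\... and //host/share/...
    if _DRIVE_ABS.match(p):
        return "drive"
    return "relative"  # resolves against the process working directory


def is_acceptable(value: str) -> bool:
    # Only fully qualified drive-letter paths pass. A drive letter can still
    # be a mapped network drive; a string check cannot see that, so pair this
    # with a drive-type check on the host itself.
    return classify_adb_path(value) == "drive"


def audit(values):
    """Return (value, class) for every value that should be flagged."""
    return [(v, classify_adb_path(v)) for v in values if not is_acceptable(v)]


# Constructed sample values; "fileserver.example" is a placeholder host.
SAMPLES = [
    r"C:\platform-tools\adb.exe",
    r"\\fileserver.example\tools\adb.exe",
    "//fileserver.example/tools/adb.exe",
    r"\\?\UNC\fileserver.example\tools\adb.exe",
    r"\\?\C:\platform-tools\adb.exe",
    r"platform-tools\adb.exe",
]

if __name__ == "__main__":
    for value, kind in audit(SAMPLES):
        print(f"FLAG {kind:8} {value}")
```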
Affected Countries
United States, Germany, Japan, South Korea, China, India, United Kingdom, Canada, France, Australia
Technical Details
- Data Version: 5.2
- Assigner Short Name: GitHub_M
- Date Reserved: 2026-02-20T19:43:14.603Z
- Cvss Version: 4.0
- State: PUBLISHED
Threat ID: 699e6864b7ef31ef0bae9d1a
Added to database: 2/25/2026, 3:11:32 AM
Last enriched: 3/4/2026, 6:56:25 PM
Last updated: 4/11/2026, 4:44:58 AM