The Netlux Antivirus suffers from an unquoted search path issue impacting the Session Manager Service ‘NXSessSvc’ service for Windows deployed as part of Netlux Antivirus package. This could potentially allow an authorized but non-privileged local user to execute arbitrary code with elevated privileges on the system. Versions 1.0.1.8 and 1.0.1.4 are affected.