There is a number of .cpl files that can be loaded using their OS-native executable equivalents f.ex hdwwiz.exe loads hdwwiz.cpl.

As such, we can copy hdwwiz.exe to a different folder f.ex. c:\test and load malicious hdwwiz.cpl from the very same location f.ex.: