CVE-2022-50923— Cobian Backup 0.9 - Unquoted Service Path

Cobian Backup 0.9 - Unquoted Service Path

Cobian Backup 0.9 contains an unquoted service path vulnerability that allows local users to execute arbitrary code with elevated system privileges. Attackers can exploit the unquoted binary path in the CobianReflectorService to inject malicious code that will execute with LocalSystem permissions during service startup.

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

未经引用的搜索路径或元素

Cobian Backup 代码问题漏洞

Cobian Backup是Luis Cobian个人开发者的一个文件备份软件。 Cobian Backup 0.9版本存在代码问题漏洞，该漏洞源于CobianReflectorService存在未加引号的服务路径，可能导致本地用户以提升的系统权限执行任意代码。

N/A

N/A