Unknown · Barcodeocr · CVE-2020-37016
**Name of the Vulnerable Software and Affected Versions**
BarcodeOCR version 19.3.6
**Description**
BarcodeOCR 19.3.6 contains an unquoted service path issue that allows local attackers to execute code with elevated privileges during system startup. The unquoted path in the service configuration can be exploited to inject malicious executables that will run with LocalSystem privileges.
**Recommendations**
Update to a newer version that contains a fix for this vulnerability.