Netsectuna

**Name of the Vulnerable Software and Affected Versions** Sherpa Connector Service version 2020.2.20328.2050 **Description** The issue is related to an unquoted service path in the Sherpa Connector Service, which could allow a local user to escalate privileges. This can be achieved by creating a specific file, for example, "C:Program FilesSherpa SoftwareSherpa.exe". **Recommendations** For version 2020.2.20328.2050, consider updating to a newer version that quotes the service path to prevent privilege escalation. As a temporary workaround, restrict access to the `SherpaConnectorService.exe` to minimize the risk of exploitation.