Sharkkcode

**Name of the Vulnerable Software and Affected Versions** MSP360 Free Backup (affected versions not specified) **Description** A local attacker can escalate privileges on affected installations of MSP360 Free Backup. The attacker must first have the ability to execute low-privileged code on the target system. Administrator interaction is also required. The issue resides within the restore functionality, where an attacker can create a junction and abuse the service to create arbitrary files, leading to privilege escalation and arbitrary code execution in the context of SYSTEM. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: AOMEI Backupper Workstation (affected versions not specified) Description: A local privilege escalation issue exists in AOMEI Backupper Workstation due to a link following flaw. This allows an attacker to gain elevated privileges on a compromised system. Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** 2BrightSparks SyncBackFree (affected versions not specified) **Description** This issue allows local attackers to escalate privileges on affected installations. An attacker must first obtain the ability to execute low-privileged code on the target system and have user interaction from an administrator to exploit this flaw. The specific flaw exists within the Mirror functionality, where an attacker can create a junction to abuse the service and delete arbitrary files, potentially escalating privileges and executing arbitrary code in the context of SYSTEM. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.