CVE-2022-35292

Name of the Vulnerable Software and Affected Versions SAP Business One (affected versions not specified)

Description The issue arises when a service is created in the SAP Business One application, and the executable path contains spaces without being enclosed within quotes. This leads to a vulnerability known as Unquoted Service Path, allowing a user to gain SYSTEM privileges. If exploited, it can grant privileged permissions on a system or network, resulting in a high impact on Confidentiality, Integrity, and Availability.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.