CVE-2023-22282

Name of the Vulnerable Software and Affected Versions WAB-MAT versions 5.0.0.8 and earlier

Description The issue arises from the software starting another program with an unquoted file path. Given that a registered Windows service path contains spaces and is unquoted, a malicious executable placed on a specific path could be executed with the privilege of the Windows service.

Recommendations For WAB-MAT versions 5.0.0.8 and earlier, consider quoting the file path of the Windows service to prevent potential exploitation. As a temporary workaround, restrict access to the paths where the malicious executable could be placed to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.