CVE-2025-5474

Name of the Vulnerable Software and Affected Versions 2BrightSparks SyncBackFree (affected versions not specified)

Description This issue allows local attackers to escalate privileges on affected installations. An attacker must first obtain the ability to execute low-privileged code on the target system and have user interaction from an administrator to exploit this flaw. The specific flaw exists within the Mirror functionality, where an attacker can create a junction to abuse the service and delete arbitrary files, potentially escalating privileges and executing arbitrary code in the context of SYSTEM.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.