CVE-2022-50688

Name of the Vulnerable Software and Affected Versions Cobian Backup Gravity version 11.2.0.582

Description The software contains an unquoted service path issue. This allows local users to potentially execute arbitrary code with elevated system privileges. An attacker can exploit the unquoted service path in the CobianBackup11 service to inject malicious code that would execute with LocalSystem privileges during service startup.

Recommendations Update to a newer version that contains a fix for this vulnerability. As a temporary workaround, consider modifying the service path to include quotes to prevent malicious code execution.