CVE-2022-50903

Name of the Vulnerable Software and Affected Versions Wondershare MobileTrans version 3.5.9

Description The software contains an unquoted service path vulnerability within the ElevationService. This allows local users to potentially execute code with elevated system privileges. Exploitation involves placing malicious executables in specific filesystem locations, which are then executed with LocalSystem permissions during service startup.

Recommendations Apply appropriate quoting to the service path to prevent the execution of unauthorized code.