CVE-2022-50904

Name of the Vulnerable Software and Affected Versions Wondershare UBackit version 2.0.5

Description The software contains an unquoted service path issue. This allows local users to potentially execute arbitrary code with elevated system privileges. An attacker can exploit the unquoted path in the wsbackup service to inject malicious executables. These executables would run with LocalSystem permissions when the service starts.

Recommendations Update to a newer version that contains a fix for this vulnerability. As a temporary workaround, consider modifying the service path to include quotes to prevent the execution of unauthorized code.