CVE-2022-50915

Name of the Vulnerable Software and Affected Versions PTPublisher version 2.3.4

Description The software contains an unquoted service path vulnerability in the PTProtect service. This allows local attackers to potentially execute arbitrary code with elevated privileges. The vulnerable path is located at 'C:Program Files (x86)Primera TechnologyPTPublisherUsbFlashDongleService.exe'. Attackers can exploit this by injecting malicious executables through the unquoted path to gain system-level access.

Recommendations Apply appropriate quoting to the service path to prevent unauthorized execution of files.