CVE-2022-50923

Name of the Vulnerable Software and Affected Versions Cobian Backup version 0.9

Description A local user can execute arbitrary code with elevated system privileges. This is due to an unquoted service path in the CobianReflectorService, allowing attackers to inject malicious code that executes with LocalSystem permissions during service startup.

Recommendations Update to a newer version that contains a fix for this vulnerability. As a temporary workaround, consider modifying the service path to include quotes to prevent malicious code execution.