PT-2026-2409 · Unknown · Cain & Abel
Aryan Chehreghani
·
Published
2026-01-13
·
Updated
2026-02-02
·
CVE-2022-50933
CVSS v3.1
7.8
High
| Vector | AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Cain & Abel version 4.9.56
Description
The software contains an unquoted service path, potentially allowing local attackers to execute arbitrary code with elevated privileges. Attackers can exploit the unquoted binary path to inject malicious executables that will be launched with LocalSystem permissions.
Recommendations
Ensure the service path is enclosed in quotes to prevent exploitation.
Exploit
Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Cain & Abel