CVE-2022-50688
Unknown Unknown - Not Provided

Unquoted Service Path in Cobian Backup Enables Privilege Escalation

Vulnerability report for CVE-2022-50688, including description, CVSS score, EPSS score, affected products, exploitability, helpful resources, and attack-flow context.

Publication date: 2025-12-22

Last updated on: 2025-12-22

Assigner: VulnCheck

Description

Cobian Backup Gravity 11.2.0.582 contains an unquoted service path vulnerability that allows local users to potentially execute arbitrary code with elevated system privileges. Attackers can exploit the unquoted service path in the CobianBackup11 service to inject malicious code that would execute with LocalSystem privileges during service startup.

CVSS Scores

EPSS Scores

Probability:
Percentile:

Meta Information

Published
2025-12-22
Last Modified
2025-12-22
Generated
2026-07-06
AI Q&A
2025-12-23
EPSS Evaluated
2026-07-05
NVD
EUVD

Affected Vendors & Products

Showing 1 associated CPE
Vendor Product Version / Range
cobian_backup cobian_backup *

Helpful Resources

Exploitability

CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-428 The product uses a search path that contains an unquoted element, in which the element contains whitespace or other separators. This can cause the product to access resources in a parent path.

Attack-Flow Graph

AI Quick Actions

Instant insights powered by AI
Executive Summary

CVE-2022-50688 is an unquoted service path vulnerability in Cobian Backup Gravity version 11.2.0.582. Because the service path for the CobianBackup11 Windows service is not enclosed in quotes, a local attacker can place a malicious executable in a directory path that the system might misinterpret during service startup. When the service starts, this malicious code executes with LocalSystem privileges, allowing the attacker to escalate their privileges and run arbitrary code on the system. [1, 2]

Impact Analysis

This vulnerability can allow a local attacker to execute arbitrary code with elevated system privileges (LocalSystem) on a machine running Cobian Backup Gravity 11.2.0.582. This means the attacker could gain full control over the affected system, potentially leading to unauthorized access, data manipulation, or disruption of system operations. [1, 2]

Detection Guidance

You can detect the vulnerability by checking if the CobianBackup11 service executable path is unquoted. Specifically, verify the service path for the CobianBackup11 service to see if it is missing quotes around the path "C:\Program Files (x86)\Cobian Backup 11\cbService.exe". On a Windows system, you can use the command: sc qc CobianBackup11 and inspect the BINARY_PATH_NAME field for unquoted paths. If the path is unquoted and contains spaces, the system is vulnerable to this issue. [2]

Mitigation Strategies

Immediate mitigation steps include correcting the service path by enclosing it in quotes to prevent the system from misinterpreting the path. This can be done by modifying the service configuration to quote the executable path. Alternatively, ensure that no malicious executables exist in any directory segments of the service path. Restrict local user permissions to prevent placing executables in these directories. Additionally, consider updating or patching the Cobian Backup Gravity software if an official fix is available. [1, 2]

Chat Assistant

Ask questions about this CVE
Hi! I’m here to help you understand CVE-2022-50688. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70

EPSS Chart