CVE-2022-50923
Unknown Unknown - Not Provided
Unquoted Service Path in CobianReflectorService Enables Privilege Escalation

Publication date: 2026-01-13

Last updated on: 2026-03-02

Assigner: VulnCheck

Description
Cobian Backup 0.9 contains an unquoted service path vulnerability that allows local users to execute arbitrary code with elevated system privileges. Attackers can exploit the unquoted binary path in the CobianReflectorService to inject malicious code that will execute with LocalSystem permissions during service startup.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-01-13
Last Modified
2026-03-02
Generated
2026-06-16
AI Q&A
2026-01-14
EPSS Evaluated
2026-06-15
NVD
CVE-2022-50923
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
cobiansoft cobian_backup 0.9.93
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-428 The product uses a search path that contains an unquoted element, in which the element contains whitespace or other separators. This can cause the product to access resources in a parent path.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

This vulnerability is an unquoted service path issue in Cobian Backup 0.9.93, specifically in the CobianReflectorService. Because the service's binary path is not enclosed in quotes, Windows may misinterpret the path and execute a malicious executable placed by a local attacker in a path segment before the legitimate service binary. This allows the attacker to execute arbitrary code with elevated LocalSystem privileges during service startup, effectively escalating their privileges on the system. [1, 2]

Impact Analysis

If exploited, this vulnerability allows a local attacker to run arbitrary code with LocalSystem privileges, which is the highest level of system access on Windows. This can lead to full control over the affected system, including the ability to install malware, steal sensitive data, disrupt system operations, or create persistent backdoors. [1, 2]

Detection Guidance

This vulnerability can be detected by checking the service binary path for unquoted spaces in the CobianReflectorService. On a Windows system, you can use the following command in an elevated command prompt or PowerShell to check the service path: sc qc CobianReflectorService. If the binary path contains spaces and is not enclosed in quotes, the system is vulnerable. Additionally, you can manually inspect the service path in the registry under HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\CobianReflectorService to verify if the path is unquoted. [2]

Mitigation Strategies

To mitigate this vulnerability immediately, you should quote the service binary path in the CobianReflectorService to prevent Windows from misinterpreting the path and executing malicious code. This can be done by editing the service configuration to enclose the executable path in double quotes. Alternatively, ensure that no malicious executables exist in any of the path segments before the actual service executable. Applying the latest patches or updates from the vendor, if available, is also recommended. [1, 2]

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2022-50923. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart