CVE-2023-22282 Information

Description

WAB-MAT Ver.5.0.0.8 and earlier starts another program with an unquoted file path. Since a registered Windows service path contains spaces and are unquoted if a malicious executable is placed on a certain path the executable may be executed with the privilege of the Windows service.

Reference

https://www.elecom.co.jp/news/security/20230324-01/ https://jvn.jp/en/jp/JVN35246979/