Unquoted Service Path in SAP Business One Enables SYSTEM Privilege Escalation
CVE-2022-35292 Published on September 13, 2022
In SAP Business One application when a service is created, the executable path contains spaces and isnt enclosed within quotes, leading to a vulnerability known as Unquoted Service Path which allows a user to gain SYSTEM privileges. If the service is exploited by adversaries, it can be used to gain privileged permissions on a system or network leading to high impact on Confidentiality, Integrity, and Availability.
Weakness Type
Unquoted Search Path or Element
The product uses a search path that contains an unquoted element, in which the element contains whitespace or other separators. This can cause the product to access resources in a parent path. If a malicious individual has access to the file system, it is possible to elevate privileges by inserting such a file as "C:\Program.exe" to be run by a privileged program making use of WinExec.
Products Associated with CVE-2022-35292
Want to know whenever a new CVE is published for SAP Business One? stack.watch will email you.
Affected Versions
SAP SE SAP Business One Version 10.0 is affected by CVE-2022-35292Exploit Probability
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.