CVE-2022-23909

CVE-2022-23909

There is an unquoted service path in Sherpa Connector Service (SherpaConnectorService.exe) 2020.2.20328.2050. This might allow a local user to escalate privileges by creating a "C:Program FilesSherpa SoftwareSherpa.exe" file.

Source: CVE-2022-23909