HIGH
Download
CVE published 2026-05-16
CVE-2020-37230
CVE-2020-37230 describes an unquoted service path vulnerability in Syncplify.me Server! 5.0.37’s SMWebRestServicev5 service. A local attacker who can place a malicious executable in a search-path location may be able to trigger code execution with LocalSystem privileges when the service restarts or the system reboots. The issue is high impact because it can convert local access into full system-level control.