In GRAU DATA Blocky before 3.1, Blocky-Gui has a Client-Side Enforcement of Server-Side Security vulnerability. An attacker with Windows administrative or debugging privileges can patch a binary in memory or on disk to bypass the password login requirement and gain full access to all functions of the program.
https://www.graudata.com/en/products/protection-against-ransomware/blocky-for-veeam/
https://www.blockyforveeam.com/en/security-bulletin-2024-06-25/