The Samange service installed uses an unquoted service path, which contains at least one whitespace. A local attacker could gain elevated privileges by inserting an executable file in the path of the affected service.
Could Samange release an update that encloses the service path in quotes? This is a vulnerability from our standpoint and red flags Samanage.
I've attached a link for more detail: http://www.commonexploits.com/?p=658