Matthew Owens

**Name of the Vulnerable Software and Affected Versions** IDrive versions (affected versions not specified) **Description** The id service.exe process operates with elevated privileges and routinely reads files located in the C:ProgramDataIDrive directory. These files, encoded in UTF16-LE, are used as arguments when initiating a process. Because any standard user with system access can modify these files, an attacker can overwrite or edit them to specify a path to an arbitrary executable. This executable will then be launched by the id service.exe process with SYSTEM privileges, potentially allowing for privilege escalation. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.