Locu

**Name of the Vulnerable Software and Affected Versions** Babylon version 8.1.0 r16 **Description** The issue allows local users to gain privileges via a Trojan horse `BESExtension.dll` file in the current working directory. This can be demonstrated by a directory that contains a `.bgl` file. **Recommendations** For Babylon version 8.1.0 r16, consider restricting access to the `BESExtension.dll` file to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.