CVE-2026-1995

Name of the Vulnerable Software and Affected Versions IDrive versions (affected versions not specified)

Description The id service.exe process operates with elevated privileges and routinely reads files located in the C:ProgramDataIDrive directory. These files, encoded in UTF16-LE, are used as arguments when initiating a process. Because any standard user with system access can modify these files, an attacker can overwrite or edit them to specify a path to an arbitrary executable. This executable will then be launched by the id service.exe process with SYSTEM privileges, potentially allowing for privilege escalation.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.