Insecure Service File Permissions in the bd service in Real Time Logic BarracudaDrive v6.5 allow local attackers to escalate privileges to admin by replacing the %SYSTEMDRIVE%\bd\bd.exe file. When the computer next starts, the new bd.exe will be run as LocalSystem.
Metrics
CVSS Version: 3.1 |
Base Score: 8.8 HIGH Vector: CVSS:3.1/AC:L/AV:L/A:H/C:H/I:H/PR:L/S:C/UI:N