Backupper
Monthly
Local privilege escalation in AOMEI Backupper through 8.3.0 stems from improper access controls in the bundled kernel driver amwrtdrv.sys, allowing an authenticated local user to abuse driver IOCTLs and escalate privileges. Publicly available exploit code exists for this issue, and the vendor was contacted but has not responded, leaving customers without an official fix. The CVSS 4.0 base score is 7.1 with local attack vector and low privileges required, reflecting realistic post-foothold risk rather than remote compromise.
Local privilege escalation in AOMEI Backupper through 8.3.0 stems from improper access controls in the bundled kernel driver amwrtdrv.sys, allowing an authenticated local user to abuse driver IOCTLs and escalate privileges. Publicly available exploit code exists for this issue, and the vendor was contacted but has not responded, leaving customers without an official fix. The CVSS 4.0 base score is 7.1 with local attack vector and low privileges required, reflecting realistic post-foothold risk rather than remote compromise.