Idrive Cloud Backup Client For Windows
Monthly
IDrive's id_service.exe process, which runs with SYSTEM-level privileges on Windows systems, is vulnerable to privilege escalation and arbitrary code execution due to insecure file handling. The vulnerability affects IDrive Cloud Backup Client for Windows across multiple versions, as the elevated service process reads UTF16-LE encoded configuration files from C:\ProgramData\IDrive\ that are writable by standard unprivileged users. An attacker with local user access can modify these files to inject arbitrary executable paths, causing id_service.exe to execute malicious code with SYSTEM privileges, resulting in complete system compromise. While CVSS and EPSS scores are not available, this represents a critical local privilege escalation vector with trivial exploitability due to the file write permissions on the ProgramData directory.
IDrive's id_service.exe process, which runs with SYSTEM-level privileges on Windows systems, is vulnerable to privilege escalation and arbitrary code execution due to insecure file handling. The vulnerability affects IDrive Cloud Backup Client for Windows across multiple versions, as the elevated service process reads UTF16-LE encoded configuration files from C:\ProgramData\IDrive\ that are writable by standard unprivileged users. An attacker with local user access can modify these files to inject arbitrary executable paths, causing id_service.exe to execute malicious code with SYSTEM privileges, resulting in complete system compromise. While CVSS and EPSS scores are not available, this represents a critical local privilege escalation vector with trivial exploitability due to the file write permissions on the ProgramData directory.