2020-04-08 18:41:58
palo_alto
PUBLISHED
Secdo tries to execute a script at a hardcoded path if present, which allows a local authenticated user with create folders or append data access to the root of the OS disk (C:) to gain system privileges if the path does not already exist or is writable. This issue affects all versions of Secdo for Windows.