惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

The Cloudflare Blog
U
Unit 42
OSCHINA 社区最新新闻
OSCHINA 社区最新新闻
腾讯CDC
罗磊的独立博客
博客园 - 聂微东
博客园_首页
雷峰网
雷峰网
云风的 BLOG
云风的 BLOG
Jina AI
Jina AI
奇客Solidot–传递最新科技情报
奇客Solidot–传递最新科技情报
D
DataBreaches.Net
The GitHub Blog
The GitHub Blog
人人都是产品经理
人人都是产品经理
Y
Y Combinator Blog
量子位
Microsoft Azure Blog
Microsoft Azure Blog
阮一峰的网络日志
阮一峰的网络日志
小众软件
小众软件
月光博客
月光博客
T
The Exploit Database - CXSecurity.com
Google DeepMind News
Google DeepMind News
H
Help Net Security
O
OpenAI News
Blog — PlanetScale
Blog — PlanetScale
S
Security Affairs
S
Security @ Cisco Blogs
Microsoft Security Blog
Microsoft Security Blog
T
The Blog of Author Tim Ferriss
AI
AI
MongoDB | Blog
MongoDB | Blog
G
Google Developers Blog
MyScale Blog
MyScale Blog
Cyber Security Advisories - MS-ISAC
Cyber Security Advisories - MS-ISAC
D
Docker
Hugging Face - Blog
Hugging Face - Blog
D
Darknet – Hacking Tools, Hacker News & Cyber Security
S
Schneier on Security
Cloudbric
Cloudbric
H
Heimdal Security Blog
J
Java Code Geeks
N
News and Events Feed by Topic
Hacker News - Newest:
Hacker News - Newest: "LLM"
宝玉的分享
宝玉的分享
有赞技术团队
有赞技术团队
S
SegmentFault 最新的问题
让小产品的独立变现更简单 - ezindie.com
让小产品的独立变现更简单 - ezindie.com
爱范儿
爱范儿
I
Intezer
GbyAI
GbyAI

CERT Recently Published Vulnerability Notes

VU#885548: Denial-of-service vulnerability in HTTP/2 servers via stalled flow-control conditions CERT/CC Vulnerability Note VU#326070 CERT/CC Vulnerability Note VU#529388 CERT/CC Vulnerability Note VU#725167 VU#564823: GNU Wget enables SSRF via unvalidated FTP PASV IPs CERT/CC Vulnerability Note VU#152953 CERT/CC Vulnerability Note VU#734812 CERT/CC Vulnerability Note VU#849433 CERT/CC Vulnerability Note VU#213560 CERT/CC Vulnerability Note VU#828543 CERT/CC Vulnerability Note VU#639124 CERT/CC Vulnerability Note VU#936962 CERT/CC Vulnerability Note VU#226679 CERT/CC Vulnerability Note VU#457458 CERT/CC Vulnerability Note VU#380058 CERT/CC Vulnerability Note VU#862559 CERT/CC Vulnerability Note VU#616257 CERT/CC Vulnerability Note VU#595768 CERT/CC Vulnerability Note VU#615987 CERT/CC Vulnerability Note VU#265691 CERT/CC Vulnerability Note VU#873170 CERT/CC Vulnerability Note VU#158530 CERT/CC Vulnerability Note VU#780781 CERT/CC Vulnerability Note VU#980487 CERT/CC Vulnerability Note VU#777338 CERT/CC Vulnerability Note VU#471747 CERT/CC Vulnerability Note VU#937808 CERT/CC Vulnerability Note VU#260001 CERT/CC Vulnerability Note VU#748485 CERT/CC Vulnerability Note VU#518910 CERT/CC Vulnerability Note VU#890999 CERT/CC Vulnerability Note VU#414811 CERT/CC Vulnerability Note VU#915947 CERT/CC Vulnerability Note VU#536588 CERT/CC Vulnerability Note VU#951662 CERT/CC Vulnerability Note VU#655822 CERT/CC Vulnerability Note VU#221883 CERT/CC Vulnerability Note VU#577436 CERT/CC Vulnerability Note VU#624941 CERT/CC Vulnerability Note VU#907705 CERT/CC Vulnerability Note VU#665416 CERT/CC Vulnerability Note VU#976247 CERT/CC Vulnerability Note VU#772695 CERT/CC Vulnerability Note VU#431821 CERT/CC Vulnerability Note VU#504749 CERT/CC Vulnerability Note VU#458422 CERT/CC Vulnerability Note VU#481830
CERT/CC Vulnerability Note VU#330121
2026-03-24 · via CERT Recently Published Vulnerability Notes

Overview

The IDrive Cloud Backup Client for Windows, versions 7.0.0.63 and earlier, contains a privilege escalation vulnerability that allows any authenticated user to run arbitrary executables with NT AUTHORITY\SYSTEM permissions.

Description

IDrive is a cloud backup service that allows users to encrypt, sync, and store data from multiple devices such as PCs, Macs, iPhones, and Androids in one cloud-based account. IDrive provides a Windows client for both desktop and server editions, which acts as both a thick client and a thin client with a web interface to manage cloud backups.

CVE-2026-1995 The IDrive Windows client utility id_service.exe runs as a process with elevated SYSTEM privileges and regularly reads from several files located under C:\ProgramData\IDrive. The UTF16-LE encoded contents of these files are used by the service as arguments for starting processes. Because of weak permission configurations, these files can be edited by any standard user logged into the system. An authenticated, low-privilege attacker can overwrite or add a new file that specifies a path to an arbitrary script or .exe, which will then be executed by the id_service.exe process with SYSTEM privileges.

Impact

This vulnerability enables an authenticated local user, or any user with access to the affected directory, to execute arbitrary code as SYSTEM on the target Windows device. A local attacker could exploit this vulnerability to escalate privileges and gain full control over the target machine, potentially enabling data theft, system modification, or arbitrary script execution.

Solution

IDrive has reported that a patch for this vulnerability is currently in development. Users should monitor IDrive releases and update their software to the latest version as soon as it becomes available. In the meantime, users are advised to restrict write permissions for the affected directory and employ additional controls such as EDR monitoring and Group Policies to detect and prevent unauthorized file modifications.

Acknowledgements

Thanks to Matthew Owens and FRSecure for discovering and reporting this vulnerability. This document was written by Molly Jaconski.

Vendor Information

Filter by content: Additional information available

 Sort by:


Other Information

CVE IDs: CVE-2026-1995
API URL: VINCE JSON | CSAF
Date Public: 2026-03-24
Date First Published: 2026-03-24
Date Last Updated: 2026-03-24 20:27 UTC
Document Revision: 2