Avanquest Driver Updater Privilege Escalation Vulnerability
Vulnerability
A vulnerability in Avanquest Driver Updater version 9.1.57803.1174 has been identified, allowing local attackers to escalate privileges. This issue arises from insecure permissions in the Driver Updater Service, which runs under SYSTEM privileges. The misconfiguration enables unprivileged users to manipulate the service's settings or exploit its functionality to gain elevated rights.
Impact
Exploitation of this vulnerability allows a local user to escalate privileges and gain administrative rights on the system.
Reproduction
The vulnerability can be reproduced by using a standard user account to access the Driver Updater Service, which is running with SYSTEM privileges. The PowerUp tool can then be employed to identify the insecure service and exploit it by adding the standard user account to the local administrators group.
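A defensive check for the misconfiguration described above, as an added example that is not part of the original advisory or the vendor's code: it parses a service security descriptor (SDDL) and lists the entries that grant standard-user principals the right to change the service's configuration or permissions. The function name is hypothetical, the SDDL strings are constructed samples, and the check assumes the weakness sits in the service's own DACL; the advisory does not name the service, so the live command uses a placeholder.

```powershell
# Added example (not from the advisory): flag service DACL entries that let
# low-privileged principals reconfigure or re-permission a service.
# Assumption: the weakness is in the service's own security descriptor.

# Access-mask bits that allow changing the service or its permissions.
$RiskyRights = [ordered]@{
    SERVICE_CHANGE_CONFIG = 0x00000002
    WRITE_DAC             = 0x00040000
    WRITE_OWNER           = 0x00080000
    GENERIC_ALL           = 0x10000000
    GENERIC_WRITE         = 0x40000000
}

# Well-known SIDs that include standard (non-admin) users.
$LowPrivSids = @{
    'S-1-1-0'      = 'Everyone'
    'S-1-5-4'      = 'INTERACTIVE'
    'S-1-5-11'     = 'Authenticated Users'
    'S-1-5-32-545' = 'BUILTIN\Users'
}

function Get-RiskyServiceAce {   # hypothetical helper name
    param([Parameter(Mandatory)][string]$Sddl)
    $sd = [System.Security.AccessControl.RawSecurityDescriptor]::new($Sddl)
    foreach ($ace in $sd.DiscretionaryAcl) {
        # Only allow-ACEs for low-privileged principals are of interest.
        if ($ace.AceType -ne [System.Security.AccessControl.AceType]::AccessAllowed) { continue }
        $sid = $ace.SecurityIdentifier.Value
        if (-not $LowPrivSids.ContainsKey($sid)) { continue }
        $hits = @($RiskyRights.Keys | Where-Object { $ace.AccessMask -band $RiskyRights[$_] })
        if ($hits.Count -gt 0) {
            [pscustomobject]@{
                Principal = $LowPrivSids[$sid]
                Mask      = '0x{0:X8}' -f $ace.AccessMask
                Rights    = $hits -join ', '
            }
        }
    }
}

# Constructed SDDL samples (not taken from the affected product):
# $weak grants change-config (DC) to Authenticated Users; $hardened does not.
$weak     = 'D:(A;;CCLCSWRPWPDTLOCRRC;;;SY)(A;;CCDCLCSWRPWPDTLOCRSDRCWDWO;;;BA)(A;;CCDCLCSWRPWPDTLOCRRC;;;AU)'
$hardened = 'D:(A;;CCLCSWRPWPDTLOCRRC;;;SY)(A;;CCDCLCSWRPWPDTLOCRSDRCWDWO;;;BA)(A;;CCLCSWLOCRRC;;;IU)'
Get-RiskyServiceAce -Sddl $weak
Get-RiskyServiceAce -Sddl $hardened

# Live check; replace the placeholder with the actual service name:
# Get-RiskyServiceAce -Sddl ((sc.exe sdshow '<service-name>') -join '').Trim()
```

Any row returned for a service that runs as SYSTEM marks a DACL that should be reset so that only administrators and SYSTEM hold these rights.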
