DriveLock Agent Incorrect Access Control Vulnerability Allowing Local Privilege Escalation
Vulnerability
A vulnerability exists in DriveLock Agent for Windows in versions 24.1 prior to 24.1.*, 24.2 prior to 24.2.8, and 25.1 prior to 25.1.6. The issue arises from directories and files created by the agent being assigned overly permissive Access Control Lists (ACLs). This misconfiguration allows local users without administrative privileges to initiate actions or disrupt the agent's functionality.
Impact
The vulnerability could be exploited by local users to gain elevated permissions, allowing them to interfere with the DriveLock agent or trigger certain actions on behalf of the agent.
Remediation
Users are advised to update to DriveLock versions 24.2.8 or 25.1.6. For optimal security and support, upgrading directly to DriveLock version 25.1 Patch 4 (25.1.6) is recommended. Note that older, unsupported versions are also affected but will not receive patches.
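A way for administrators to check a host for the condition described under Vulnerability, as an added example (not DriveLock code): it lists Allow entries that give broad, non-administrative groups write-type rights anywhere under a directory. The `-Path` value is a placeholder because the advisory does not name the affected directories, and the choice of SIDs and rights treated as "overly permissive" is an assumption.

```powershell
# Added example: report ACL entries that let non-admin groups modify content.
# -Path is a placeholder; the advisory does not list the agent's directories.
param(
    [Parameter(Mandatory)]
    [string]$Path
)

# Well-known SIDs of broad, non-administrative groups (assumed scope of the audit).
$broadSids = @{
    'S-1-1-0'      = 'Everyone'
    'S-1-5-11'     = 'Authenticated Users'
    'S-1-5-32-545' = 'BUILTIN\Users'
    'S-1-5-4'      = 'INTERACTIVE'
}

# Rights that permit changing content, deleting it, or rewriting the ACL/owner.
$R = [System.Security.AccessControl.FileSystemRights]
$writeMask = [int]($R::WriteData -bor $R::AppendData -bor $R::WriteAttributes -bor
                   $R::WriteExtendedAttributes -bor $R::Delete -bor
                   $R::DeleteSubdirectoriesAndFiles -bor $R::ChangePermissions -bor
                   $R::TakeOwnership)
# Raw GENERIC_ALL / GENERIC_WRITE bits, which some ACEs carry unmapped.
$genericMask = 0x10000000 -bor 0x40000000

# Include the root itself, then everything beneath it (hidden items too).
$items = @(Get-Item -LiteralPath $Path -Force) +
         @(Get-ChildItem -LiteralPath $Path -Recurse -Force -ErrorAction SilentlyContinue)

$findings = foreach ($item in $items) {
    try   { $acl = Get-Acl -LiteralPath $item.FullName -ErrorAction Stop }
    catch { Write-Warning "Cannot read ACL: $($item.FullName)"; continue }

    # Ask for rules keyed by SID so matching does not depend on localized names.
    $rules = $acl.GetAccessRules($true, $true, [System.Security.Principal.SecurityIdentifier])
    foreach ($ace in $rules) {
        $sid = $ace.IdentityReference.Value
        if ($ace.AccessControlType -ne 'Allow' -or -not $broadSids.ContainsKey($sid)) { continue }
        if ([int]$ace.FileSystemRights -band ($writeMask -bor $genericMask)) {
            [pscustomobject]@{
                Path      = $item.FullName
                Principal = $broadSids[$sid]
                Rights    = $ace.FileSystemRights
                Inherited = $ace.IsInherited
            }
        }
    }
}

$findings | Sort-Object Path, Principal | Format-Table -AutoSize -Wrap
```

Rows marked `Inherited = True` come from a parent directory's ACL, so the entry to correct sits higher in the tree than the path shown.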
