CVE-2026-1995 | IDrive Cloud Backup Client prior 7.0.0.63 on Windows id_service.exe privileges management

VDB-352854 · CVE-2026-1995 · GCVE-0-2026-1995 IDRIVE CLOUD BACKUP CLIENT PRIOR 7.0.0.63 ON WINDOWS ID_SERVICE.EXE PRIVILEGES MANAGEMENT HISTORYDIFFRELATEJSONXMLCTI CVSS Meta Temp Score Current Exploit Price (≈) CTI Interest Score 7.5 $0-$5k 1.88 Summaryinfo A vulnerability described as critical has been identified in IDrive Cloud Backup Client on Windows. The impacted element is an unknown function of the file id_service.exe. The manipulation results in privileges management. This vulnerability is cataloged as CVE-2026-1995. The attack must be initiated from a local position. There is no exploit available. Upgrading the affected component is recommended. Detailsinfo A vulnerability classified as critical has been found in IDrive Cloud Backup Client on Windows. Affected is an unknown code block of the file id_service.exe. The manipulation with an unknown input leads to a privileges management vulnerability. CWE is classifying the issue as CWE-269. The product does not properly assign, modify, track, or check privileges for an actor, creating an unintended sphere of control for that actor. This is going to have an impact on confidentiality, integrity, and availability. CVE summarizes: IDrive’s id_service.exe process runs with elevated privileges and regularly reads from several files under the C:\ProgramData\IDrive\ directory. The UTF16-LE encoded contents of these files are used as arguments for starting a process, but they can be edited by any standard user logged into the system. An attacker can overwrite or edit the files to specify a path to an arbitrary executable, which will then be executed by the id_service.exe process with SYSTEM privileges. The advisory is available at kb.cert.org. This vulnerability is traded as CVE-2026-1995 since 02/05/2026. The exploitability is told to be easy. Local access is required to approach this attack. Technical details are known, but there is no available exploit. This vulnerability is assigned to T1068 by the MITRE ATT&CK project. Upgrading to version 7.0.0.63 eliminates this vulnerability. Productinfo Type Backup Software Vendor IDrive Name Cloud Backup Client CPE 2.3info 🔒 CPE 2.2info 🔒 CVSSv4info VulDB Vector: 🔒 VulDB Reliability: 🔍 CVSSv3info VulDB Meta Base Score: 7.8 VulDB Meta Temp Score: 7.5 VulDB Base Score: 7.8 VulDB Temp Score: 7.5 VulDB Vector: 🔒 VulDB Reliability: 🔍 CVSSv2info Vector Complexity Authentication Confidentiality Integrity Availability Unlock Unlock Unlock Unlock Unlock Unlock Unlock Unlock Unlock Unlock Unlock Unlock Unlock Unlock Unlock Unlock Unlock Unlock VulDB Base Score: 🔒 VulDB Temp Score: 🔒 VulDB Reliability: 🔍 Exploitinginfo Class: Privileges management CWE: CWE-269 / CWE-266 CAPEC: 🔒 ATT&CK: 🔒 Physical: Partially Local: Yes Remote: No Availability: 🔒 Status: Not defined Price Prediction: 🔍 Current Price Estimation: 🔒 0-Day Unlock Unlock Unlock Unlock Today Unlock Unlock Unlock Unlock Threat Intelligenceinfo Interest: 🔍 Active Actors: 🔍 Active APT Groups: 🔍 Countermeasuresinfo Recommended: Upgrade Status: 🔍 0-Day Time: 🔒 Upgrade: Cloud Backup Client 7.0.0.63 Timelineinfo 02/05/2026 CVE reserved 03/24/2026 +47 days Advisory disclosed 03/24/2026 +0 days VulDB entry created 03/24/2026 +0 days VulDB entry last update Sourcesinfo Advisory: kb.cert.org Status: Confirmed CVE: CVE-2026-1995 (🔒) GCVE (CVE): GCVE-0-2026-1995 GCVE (VulDB): GCVE-100-352854 Entryinfo Created: 03/24/2026 20:55 Changes: 03/24/2026 20:55 (56) Complete: 🔍 Cache ID: 99:9E0:101 Discussion No comments yet. Languages: en. Please log in to comment. ◂ PreviousOverviewNext ▸