Vendor
Privacy Drive 3.17.0 contains an unquoted service path vulnerability in the pdsvc.exe service, allowing local attackers to escalate privileges by placing malicious executables in the unquoted path directories, leading to arbitrary code execution with LocalSystem privileges.