Backblaze for Windows and Backblaze for macOS prior to 7.0.0.439 suffer from improper privilege management in `bztransmit` helper due to lack of permission handling and validation before creation of client update directories allowing for local escalation of privilege via rogue client update binary.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
backblaze backblaze |