CVE-2026-1995
IDrive Cloud Backup Client for Windows contains a privilege escalation vulnerability
CVSS Score
7.8
EPSS Score
0.0%
EPSS Percentile
0th
IDrive’s id_service.exe process runs with elevated privileges and regularly reads from several files under the C:\ProgramData\IDrive\ directory. The UTF16-LE encoded contents of these files are used as arguments for starting a process, but they can be edited by any standard user logged into the system. An attacker can overwrite or edit the files to specify a path to an arbitrary executable, which will then be executed by the id_service.exe process with SYSTEM privileges.
| Vendor | idrive |
| Product | idrive cloud backup client for windows |
| Published | Mar 24, 2026 |
| Last Updated | Mar 25, 2026 |
Stay Ahead of the Next One
Get instant alerts for idrive idrive cloud backup client for windows
Be the first to know when new high vulnerabilities affecting idrive idrive cloud backup client for windows are published — delivered to Slack, Telegram or Discord.
Get Free Alerts →
Free · No credit card · 60 sec setup
Affected Versions
IDrive / IDrive Cloud Backup Client for Windows
0 < 7.0.0.63