A TOCTOU vulnerability exists in madCodeHook before 2020-07-16 that allows local attackers to elevate their privileges to SYSTEM. This occurs because path redirection can occur via vectors involving directory junctions.
Source: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14418
Reference (s):
- https://github.com/nettitude/metasploit-modules
- https://labs.nettitude.com/blog/cve-2020-14418-madcodehook-library-local-privilege-escalation/