Dr.Web Security Space versions 11 and 12 allow elevation of privilege for local users without administrative privileges to NT AUTHORITYSYSTEM due to insufficient control during autoupdate.
Source: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-23967
Reference (s):
- https://amonitoring.ru/article/drweb/
- https://habr.com/ru/company/pm/blog/509592/
- https://www.youtube.com/watch?v=q7Kqi7kE59U