CVE-2026-30332

Balena · Etcher

A Time-of-Check to Time-of-Use (TOCTOU) race condition exists in Balena Etcher for Windows prior to version 2, potentially allowing for unauthorized file operations.

Executive summary

Balena Etcher for Windows is vulnerable to a race condition that could be exploited to perform unauthorized file modifications or escalate privileges.

Vulnerability

This vulnerability is a TOCTOU race condition: an attacker with local access could alter a file between the moment the application checks its status and the moment it performs the operation, so the check no longer reflects the object the operation actually touches, leading to unauthorized actions.
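To make the check-versus-use gap concrete, the following is an added, constructed illustration of the generic TOCTOU file pattern and its usual fix; it is not Etcher's code and does not reproduce the specific defect in this advisory. `read_check_then_use` validates a path name and then reopens the same name, which is the classic race window; `read_open_then_validate` opens once and validates the handle it holds with `fstat`, so later changes to the name cannot redirect the operation. The `race_hook` parameter, file names and contents are assumptions for the demo, which simulates the concurrent file swap in-process; it relies on symlinks and `O_NOFOLLOW`, so it runs on a POSIX host rather than Windows.

```python
"""Constructed TOCTOU illustration: check-then-use on a path vs. open-then-validate on a handle.
Not Etcher's code. Assumes a POSIX host (symlinks, O_NOFOLLOW)."""
import os
import stat
import tempfile

# O_NOFOLLOW is absent on Windows; this demo assumes a POSIX host.
O_NOFOLLOW = getattr(os, "O_NOFOLLOW", 0)


def read_check_then_use(path, race_hook=None):
    """Vulnerable pattern: validate the *name*, then resolve the *name* a second time."""
    st = os.lstat(path)
    if not stat.S_ISREG(st.st_mode):
        raise PermissionError("refusing non-regular file")
    if race_hook:
        race_hook()  # stands in for another process acting inside the window
    with open(path, "rb") as f:  # the name is resolved again; it may now point elsewhere
        return f.read()


def read_open_then_validate(path, race_hook=None):
    """Fixed pattern: open once, then validate the descriptor you actually hold."""
    fd = os.open(path, os.O_RDONLY | O_NOFOLLOW)  # refuse to follow a symlink at open time
    try:
        if race_hook:
            race_hook()  # the name may change; the object behind fd cannot
        st = os.fstat(fd)  # inspects the open object, not the path
        if not stat.S_ISREG(st.st_mode):
            raise PermissionError("refusing non-regular file")
        chunks = []
        while True:
            chunk = os.read(fd, 65536)
            if not chunk:
                break
            chunks.append(chunk)
        return b"".join(chunks)
    finally:
        os.close(fd)


def _write(path, data):
    with open(path, "wb") as f:
        f.write(data)


def demo():
    """Run both patterns against the same simulated swap; returns what each one read."""
    with tempfile.TemporaryDirectory() as d:
        image = os.path.join(d, "image.bin")  # constructed: the file the tool intends to read
        other = os.path.join(d, "other.bin")  # constructed: a different file in the same dir
        _write(image, b"expected image")
        _write(other, b"some other file")

        def swap():
            # Simulated concurrent change: the checked name is replaced by a symlink.
            os.remove(image)
            os.symlink(other, image)

        vulnerable_result = read_check_then_use(image, swap)

        # Reset the fixture so the second pattern starts from the same state.
        os.remove(image)
        _write(image, b"expected image")
        fixed_result = read_open_then_validate(image, swap)

        # With the swap already done before open, O_NOFOLLOW makes the open fail outright.
        try:
            read_open_then_validate(image)
            pre_swapped_open_refused = False
        except OSError:
            pre_swapped_open_refused = True

        return {
            "check_then_use": vulnerable_result,
            "open_then_validate": fixed_result,
            "pre_swapped_open_refused": pre_swapped_open_refused,
        }


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value!r}")
```

The vulnerable function ends up reading the other file even though its check passed, while the fixed function keeps reading the file it originally opened; the same idea carries over to any platform by performing checks on the open handle rather than on the path.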

Business impact

While this vulnerability typically requires local access, it can be used as part of a multi-stage attack to escalate privileges or modify system files during the image flashing process. The CVSS score of 7.5 reflects a high severity, as it compromises the integrity of the software's core function: writing disk images safely.

Remediation

Immediate Action: Upgrade Balena Etcher for Windows to version 2 or later to resolve the race condition vulnerability.

Proactive Monitoring: Monitor for suspicious file system activity during the execution of disk imaging tools, particularly in temporary directories.

Compensating Controls: Implement strict application control policies to ensure only authorized users can run imaging software with administrative privileges.

Exploitation status

Public Exploit Available: false

Analyst recommendation

To maintain system integrity, users should update Balena Etcher to version 2 immediately. This update is critical for preventing potential local attackers from exploiting the race condition to perform unauthorized system modifications.