The host is installed with Azure File Sync Agent 4.x before 16.2.0 or 17.x before 17.1 and is prone to an elevation of privilege vulnerability. A flaw is present in the applications which fails to properly handle unspecified vectors. Successful exploitation allows attackers to create new files in directories they do not normally have access to.