The host is installed with Symantec System Recovery 2011 before SP2 or Backup Exec System Recovery 2010 before SP5 and is prone to untrusted search path vulnerability. A flaw is present in the application, which fails to handle a Trojan horse DLL in the current working directory. Successful exploitation allows local users to gain privileges.