CVE-2020-13386
In SmartDraw 2020 (version 27.0.0.0), the installer grants inherited write permissions to the Authenticated Users group on the SmartDraw installation folder. Two scheduled tasks, SDMsgUpdate (Local) and SDMsgUpdate (TE), are created to run in the context of the installing user and attempt to exec...