This vulnerability allows local attackers to execute arbitrary code with elevated privileges on vulnerable installations of Motorola Scanner SDK. Authentication is not required to exploit this vulnerability. The specific flaw exists within the file permissions (ACLs) on an installed directory. CoreScanner.exe is vulnerable to tampering by all users. A local attacker can leverage this vulnerability to raise privileges and execute code under the context of SYSTEM.