A vulnerable bus driver in FabulaTech “USB for Remote Desktop” and “USB over Network” allows low privileged users to add a fully controlled software USB device, which could be used by an attacker to elevate privileges under certain common circumstances
Incorrect Access Control
FabulaTech
USB for Remote Desktop
USB over Network
Local
true
Adding trusted software USB HID device fully controlled by non-privileged users
Michael Myngerbayev of SentinelOne
https://labs.sentinelone.com/click-from-the-backyard-cve-2020-9332/