TOCTOU vulnerability leading to escalation of privileges in Balena Etcher prior to v2.1.4
Discovered a Time-of-Check to Time-of-Use vulnerability in Balena Etcher that allows privilege escalation from medium to high integrity execution. The vulnerability exploits a race condition in temporary file handling during the image flashing process.