Windows still suffers from issues related to the replacement of the system drive letter during impersonation. This can be abused to trick privilege processes to load configuration files and other resources from untrusted locations leading to elevation of privilege.
advisories | CVE-2022-41073, CVE-2023-35359
