According to the report in the Project Zero directory, the flaw relates to the SvcMoveFileInheritSecurity remote procedure call (RPC). If it exploited, can lead to an arbitrary file being assigned an arbitrary security descriptor, that can potentially lead to elevation of privilege and would potentially allow other users on the network to modify file.
