The software attempts to drop privileges but does not check or incorrectly checks to see if the drop succeeded.