The Windows driver used by projects derived from Truecrypt 7 (verified in Veracrypt and CipherShed) are vulnerable to a local elevation of privilege attack by abusing the drive letter symbolic link creation facilities to remap the main system drive. With the system drive remapped it's trivial to get a new process running under the local system account.
bd1e8ffc132fe9efac975acbab5528bd06a2731798e1f40805ddc035d825f919