Incorrect privilege assignment in Windows Hello allows an unauthorized attacker to perform tampering locally.