The vulnerability here is that regular non-administrator users can also read sensitive registry hives from the shadow copy. This allows for local privilege escalation exploits.
I see, thanks, I never tested the mentioned programs as a non-Admin user, though the mechanism (if the shadow copies are used) is seemingly the same, so if the BUILTIN/USERS are authorized, they may work as well (and not only on Windows 10).
