CVE-2026-0539
8.5
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
Summary
Incorrect Default Permissions in pcvisit service binary on Windows allows a low-privileged local attacker to escalate their privileges by overwriting the service binary with arbitrary contents. This service binary is automatically launched with NT\SYSTEM privileges on boot. This issue affects all versions after 22.6.22.1329 and was fixed in 25.12.3.1745.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| pcvisit | pcvisit Remote Host Modul | 22.6.22.1329 < 25.12.3.1745 | affected |
| pcvisit | pcvisit Remote Host Modul | 0 < 22.6.22.1329 | unaffected |
| pcvisit | pcvisit Remote Host Modul | 25.12.3.1745 | unaffected |
Weaknesses
- CWE-276: CWE-276 Incorrect Default Permissions
ADP Enrichment
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: no
- Technical Impact: total
References
- https://www.pcvisit.de/kundenbereich/release-notes
- https://labs.infoguard.ch/advisories/cve-2026-0539_pcvisit_local-privilege-escalation/
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.