CVE-2026-0539

Sažetak

Incorrect Default Permissions in pcvisit service binary on Windows allows a low-privileged local attacker to escalate their privileges by overwriting the service binary with arbitrary contents. This service binary is automatically launched with NT\SYSTEM privileges on boot. This issue affects all versions after 22.6.22.1329 and was fixed in 25.12.3.1745.

Reference

https://labs.infoguard.ch/advisories/cve-2026-0539_pcvisit_local-privilege-escalation/
https://www.pcvisit.de/kundenbereich/release-notes

CVSS

Base:	0.0
Impact:	None
Exploitability:	None

Pristup

Vektor	Složenost	Autentikacija
None	None	None

Impact

Povjerljivost	Cjelovitost	Dostupnost
None	None	None

CVSS vektor

None

Zadnje važnije ažuriranje

19-05-2026 - 15:44

Objavljeno

22-04-2026 - 14:16