← back
CVE-2026-0539

Local Privilege Escalation in pcvisit service client

CVSS 8.5 HIGHEPSS 0.1%CWE-276
Incorrect Default Permissions in pcvisit service binary on Windows allows a low-privileged local attacker to escalate their privileges by overwriting the service binary with arbitrary contents. This service binary is automatically launched with NT\SYSTEM privileges on boot. This issue affects all versions after 22.6.22.1329 and was fixed in 25.12.3.1745.
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
Affected products
pcvisit · pcvisit Remote Host Modul

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://labs.infoguard.ch/advisories/cve-2026-0539_pcvisit_local-privilege-escalation/https://www.pcvisit.de/kundenbereich/release-notes