CVE-2026-0539

Vulnerability Description

Incorrect Default Permissions in pcvisit service binary on Windows allows a low-privileged local attacker to escalate their privileges by overwriting the service binary with arbitrary contents. This service binary is automatically launched with NT\SYSTEM privileges on boot. This issue affects all versions after 22.6.22.1329 and was fixed in 25.12.3.1745.

Related Weaknesses (CWE)

CWE-276

References

https://labs.infoguard.ch/advisories/cve-2026-0539_pcvisit_local-privilege-escal
https://www.pcvisit.de/kundenbereich/release-notes

FAQ

What is CVE-2026-0539?

CVE-2026-0539 is a documented vulnerability. Incorrect Default Permissions in pcvisit service binary on Windows allows a low-privileged local attacker to escalate their privileges by overwriting the service binary with arbitrary contents. This s...

How severe is CVE-2026-0539?

CVSS scoring is not yet available for CVE-2026-0539. Check NVD for updates.

Is there a patch for CVE-2026-0539?

Check the references section above for vendor advisories and patch information. Review vendor security bulletins for remediation guidance.