CVE-2026-0539 PUBLISHED

Local Privilege Escalation in pcvisit service client

Assigner: NCSC.ch
Reserved: 23.12.2025 Published: 22.04.2026 Updated: 22.04.2026

Incorrect Default Permissions in pcvisit service binary on Windows allows a low-privileged local attacker to escalate their privileges by overwriting the service binary with arbitrary contents. This service binary is automatically launched with NT\SYSTEM privileges on boot. This issue affects all versions after 22.6.22.1329 and was fixed in 25.12.3.1745.

Metrics

CVSS Vector: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N
CVSS Score: 8.5

Product Status

Vendor pcvisit
Product pcvisit Remote Host Modul
Versions Default: unknown
  • affected from 22.6.22.1329 to 25.12.3.1745 (excl.)
  • unaffected from 0 to 22.6.22.1329 (excl.)
  • Version 25.12.3.1745 is unaffected

References

Problem Types

  • CWE-276 Incorrect Default Permissions CWE

Impacts

  • CAPEC-233 Privilege Escalation