CVE-2026-0539

HIGH

Local Privilege Escalation in pcvisit service client

Title source: cna

Description

Incorrect Default Permissions in pcvisit service binary on Windows allows a low-privileged local attacker to escalate their privileges by overwriting the service binary with arbitrary contents. This service binary is automatically launched with NT\SYSTEM privileges on boot. This issue affects all versions after 22.6.22.1329 and was fixed in 25.12.3.1745.

References (2)

[Release Notes] https://www.pcvisit.de/kundenbereich/release-notes

[Third Party Advisory, Technical Description] https://labs.infoguard.ch/advisories/cve-2026-0539_pcvisit_local-privilege-escalation/

Scores

CVSS v4 8.5

EPSS 0.0001

EPSS Percentile 1.8%

CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact total

Details

CWE

CWE-276

Status published

Products (3)

pcvisit/pcvisit Remote Host Modul < 22.6.22.1329

pcvisit/pcvisit Remote Host Modul 22.6.22.1329 - 25.12.3.1745

pcvisit/pcvisit Remote Host Modul 25.12.3.1745

Published Apr 22, 2026

Tracked Since Apr 22, 2026