EIP-2026-115780

PRE-CVE

Microsoft Windows - DCE-RPC svcctl ChangeServiceConfig2A() Memory Corruption

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-115780. PoCs published by h07.

AI-analyzed exploit summary This is a functional proof-of-concept exploit for a memory corruption vulnerability in the Windows DCE-RPC svcctl ChangeServiceConfig2A() function, leading to a denial-of-service (DoS) condition. The exploit leverages the Impacket library to craft malicious RPC requests, triggering an access violation in services.exe on Windows 2000 SP4.

Description

Microsoft Windows - DCE-RPC svcctl ChangeServiceConfig2A() Memory Corruption

Exploits (1)

exploitdb WORKING POC VERIFIED

by h07 · pythondoswindows

https://www.exploit-db.com/exploits/3453

View Code ZIP pw:eip

This is a functional proof-of-concept exploit for a memory corruption vulnerability in the Windows DCE-RPC svcctl ChangeServiceConfig2A() function, leading to a denial-of-service (DoS) condition. The exploit leverages the Impacket library to craft malicious RPC requests, triggering an access violation in services.exe on Windows 2000 SP4.

Classification

Working Poc 95%

Attack Type

Dos

Complexity

Moderate

Reliability

Reliable

Target: Microsoft Windows 2000 SP4 (svcctl)

Auth required

Prerequisites: Administrator credentials · Network access to target · Impacket and PyCrypto libraries

MITRE ATT&CK

T1499 - Endpoint Denial of Service

devstral-2 · analyzed Feb 18, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026