EIP-2026-116038

PRE-CVE

Panda Global Protection 2010 - Local Denial of Service (unfiltered wcscpy())

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-116038. PoCs published by Heurs.

AI-analyzed exploit summary This exploit targets a local privilege escalation vulnerability in Panda Global Protection 2010 (3.01.00) by exploiting an unchecked IOCTL input in the APPFLT.sys driver. The code includes shellcode and attempts to trigger an exception by manipulating a DWORD value.

Description

Panda Global Protection 2010 - Local Denial of Service (unfiltered wcscpy())

Exploits (1)

exploitdb WORKING POC

by Heurs · cdoswindows

https://www.exploit-db.com/exploits/16023

View Code ZIP pw:eip

This exploit targets a local privilege escalation vulnerability in Panda Global Protection 2010 (3.01.00) by exploiting an unchecked IOCTL input in the APPFLT.sys driver. The code includes shellcode and attempts to trigger an exception by manipulating a DWORD value.

Classification

Working Poc 90%

Attack Type

Lpe

Complexity

Moderate

Reliability

Theoretical

Target: Panda Global Protection 2010 (3.01.00)

No auth needed

Prerequisites: Local access to the target system · Presence of vulnerable Panda Global Protection 2010 (3.01.00)

MITRE ATT&CK

T1068 - Exploitation for Privilege Escalation

devstral-2 · analyzed Feb 16, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026