EIP-2026-116274

PRE-CVE

Sony PC Companion 2.1 - 'CheckCompatibility()' Unicode Stack Buffer Overflow

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-116274. PoCs published by LiquidWorm.

AI-analyzed exploit summary The exploit demonstrates a stack-based Unicode buffer overflow in Sony PC Companion 2.1 via the 'CheckCompatibility' function in PimData.dll. The vulnerability is triggered by an overly long string passed to the 'OrgHeartBeat' parameter, leading to arbitrary code execution.

Description

Sony PC Companion 2.1 - 'CheckCompatibility()' Unicode Stack Buffer Overflow

Exploits (1)

exploitdb WORKING POC

by LiquidWorm · textdoswindows

https://www.exploit-db.com/exploits/23568

View Code ZIP pw:eip

The exploit demonstrates a stack-based Unicode buffer overflow in Sony PC Companion 2.1 via the 'CheckCompatibility' function in PimData.dll. The vulnerability is triggered by an overly long string passed to the 'OrgHeartBeat' parameter, leading to arbitrary code execution.

Classification

Working Poc 95%

Attack Type

Rce

Complexity

Trivial

Reliability

Reliable

Target: Sony PC Companion 2.10.115 (Production 27.1, Build 830) and 2.10.108 (Production 26.1, Build 818)

No auth needed

Prerequisites: Victim must open the malicious HTML file in a browser with VBScript support

MITRE ATT&CK

T1203 - Exploitation for Client Execution

devstral-2 · analyzed Feb 18, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026