EIP-2026-116714

PRE-CVE

Acronis True Image OEM 19.0.5128 - 'afcdpsrv' Unquoted Service Path

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-116714. PoCs published by Alejandra Sánchez.

AI-analyzed exploit summary This writeup describes an unquoted service path vulnerability in Acronis True Image OEM 19.0.5128, where the 'afcdpsrv' service could allow local privilege escalation if an attacker can place executable code in the system root path.

Description

Acronis True Image OEM 19.0.5128 - 'afcdpsrv' Unquoted Service Path

Exploits (1)

exploitdb WRITEUP

by Alejandra Sánchez · textlocalwindows

https://www.exploit-db.com/exploits/47615

View Code ZIP pw:eip

This writeup describes an unquoted service path vulnerability in Acronis True Image OEM 19.0.5128, where the 'afcdpsrv' service could allow local privilege escalation if an attacker can place executable code in the system root path.

Classification

Writeup 90%

Attack Type

Lpe

Complexity

Moderate

Reliability

Theoretical

Target: Acronis True Image OEM 19.0.5128

Auth required

Prerequisites: Local access · Ability to write to system root path · Restart capabilities

MITRE ATT&CK

T1574.009 - Path Interception by Unquoted Path

devstral-2 · analyzed Feb 16, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026