EIP-2026-116815

PRE-CVE

ASLDRService ATK Hotkey 1.0.69.0 - Unquoted Service Path Privilege Escalation

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-116815. PoCs published by Cyril Vallicari.

AI-analyzed exploit summary This writeup describes an unquoted service path vulnerability in ASUS ATK Hotkey's ASLDRService, which could allow local privilege escalation. The issue stems from the service path not being enclosed in quotes, potentially enabling arbitrary code execution with system privileges.

Description

ASLDRService ATK Hotkey 1.0.69.0 - Unquoted Service Path Privilege Escalation

Exploits (1)

exploitdb WRITEUP

by Cyril Vallicari · textlocalwindows

https://www.exploit-db.com/exploits/40520

View Code ZIP pw:eip

This writeup describes an unquoted service path vulnerability in ASUS ATK Hotkey's ASLDRService, which could allow local privilege escalation. The issue stems from the service path not being enclosed in quotes, potentially enabling arbitrary code execution with system privileges.

Classification

Writeup 90%

Attack Type

Lpe

Complexity

Trivial

Reliability

Theoretical

Target: ASUS ATK Hotkey version 1.0.69.0

Auth required

Prerequisites: Local access to the system · Ability to write to the root of C:\

MITRE ATT&CK

T1574.009 - Path Interception by Unquoted Path

devstral-2 · analyzed Feb 16, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026