EIP-2026-116822

PRE-CVE

ASUS HID Access Service 1.0.94.0 - 'AsHidSrv.exe' Unquoted Service Path

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-116822. PoCs published by Alejandra Sánchez.

AI-analyzed exploit summary This is a writeup describing an unquoted service path vulnerability in ASUS HID Access Service 1.0.94.0, which could allow local privilege escalation (LPE) if a non-privileged user can place executable code in a system root path. The writeup includes details on how to identify the vulnerable service but does not contain exploit code.

Description

ASUS HID Access Service 1.0.94.0 - 'AsHidSrv.exe' Unquoted Service Path

Exploits (1)

exploitdb WRITEUP

by Alejandra Sánchez · textlocalwindows

https://www.exploit-db.com/exploits/49888

View Code ZIP pw:eip

This is a writeup describing an unquoted service path vulnerability in ASUS HID Access Service 1.0.94.0, which could allow local privilege escalation (LPE) if a non-privileged user can place executable code in a system root path. The writeup includes details on how to identify the vulnerable service but does not contain exploit code.

Classification

Writeup 90%

Attack Type

Lpe

Complexity

Moderate

Reliability

Theoretical

Target: ASUS ATK Hotkey 1.0.94.0 (AsHidService)

Auth required

Prerequisites: Local access · Ability to write to system root path · Service restart or system reboot

MITRE ATT&CK

T1574.009 - Path Interception by Unquoted Path

devstral-2 · analyzed Feb 16, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026