EIP-2026-116850

PRE-CVE

Authentium SafeCentral 2.6 - 'shdrv.sys' Local Kernel Ring0 SYSTEM

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-116850. PoCs published by mu-b.

AI-analyzed exploit summary This exploit targets a local kernel vulnerability in Authentium SafeCentral's shdrv.sys driver, allowing privilege escalation to SYSTEM by manipulating process tokens. It includes shellcode for Windows XP and Windows Server 2003.

Description

Authentium SafeCentral 2.6 - 'shdrv.sys' Local Kernel Ring0 SYSTEM

Exploits (1)

exploitdb WORKING POC VERIFIED

by mu-b · clocalwindows

https://www.exploit-db.com/exploits/11232

View Code ZIP pw:eip

This exploit targets a local kernel vulnerability in Authentium SafeCentral's shdrv.sys driver, allowing privilege escalation to SYSTEM by manipulating process tokens. It includes shellcode for Windows XP and Windows Server 2003.

Classification

Working Poc 95%

Attack Type

Lpe

Complexity

Moderate

Reliability

Reliable

Target: Authentium SafeCentral <= 2.6 (shdrv.sys 2.0.0.146)

No auth needed

Prerequisites: Local access to the target system · Presence of vulnerable shdrv.sys driver

MITRE ATT&CK

T1068 - Exploitation for Privilege Escalation T1055 - Process Injection

devstral-2 · analyzed Feb 16, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026