EIP-2026-116960

PRE-CVE

Cimetrics BACstac 6.2f - Local Privilege Escalation

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-116960. PoCs published by LiquidWorm.

AI-analyzed exploit summary The writeup details an unquoted search path vulnerability in Cimetrics BACstac Routing Service 6.2f, allowing local privilege escalation via improper permissions on the named pipe '\\.\pipe\bacstac'. It includes technical details such as registry keys, service configuration, and effective permissions analysis.

Description

Cimetrics BACstac 6.2f - Local Privilege Escalation

Exploits (1)

exploitdb WRITEUP

by LiquidWorm · textlocalwindows

https://www.exploit-db.com/exploits/41320

View Code ZIP pw:eip

The writeup details an unquoted search path vulnerability in Cimetrics BACstac Routing Service 6.2f, allowing local privilege escalation via improper permissions on the named pipe '\\.\pipe\bacstac'. It includes technical details such as registry keys, service configuration, and effective permissions analysis.

Classification

Writeup 95%

Attack Type

Lpe

Complexity

Moderate

Reliability

Reliable

Target: Cimetrics BACstac Routing Service 6.2f

Auth required

Prerequisites: Local access to the system · Ability to insert code in the system root path

MITRE ATT&CK

T1059 - Command and Scripting Interpreter T1548 - Abuse Elevation Control Mechanism

devstral-2 · analyzed Feb 18, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026