EIP-2026-116960

The writeup details an unquoted search path vulnerability in Cimetrics BACstac Routing Service 6.2f, allowing local privilege escalation via improper permissions on the named pipe '\\.\pipe\bacstac'. It includes technical details such as registry keys, service configuration, and effective permissions analysis.