EIP-2026-117044

PRE-CVE

DigitalPersona 5.1.0.656 'DpHostW' - Unquoted Service Path

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-117044. PoCs published by Teresa Q.

AI-analyzed exploit summary This is a writeup describing an unquoted service path vulnerability in DigitalPersona 5.1.0.656. The vulnerability allows local privilege escalation due to the service path containing spaces and not being enclosed in quotes.

Description

DigitalPersona 5.1.0.656 'DpHostW' - Unquoted Service Path

Exploits (1)

exploitdb WRITEUP

by Teresa Q · textlocalwindows

https://www.exploit-db.com/exploits/49041

View Code ZIP pw:eip

This is a writeup describing an unquoted service path vulnerability in DigitalPersona 5.1.0.656. The vulnerability allows local privilege escalation due to the service path containing spaces and not being enclosed in quotes.

Classification

Writeup 90%

Attack Type

Lpe

Complexity

Trivial

Reliability

Reliable

Target: DigitalPersona U.are.U One Touch 5.1.0.656

Auth required

Prerequisites: Local access to the system · Ability to execute commands with sufficient privileges to exploit the unquoted service path

MITRE ATT&CK

T1574.009 - Path Interception by Unquoted Path

devstral-2 · analyzed Feb 16, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026