EIP-2026-117280

PRE-CVE

HP Display Assistant x64 Edition 3.20 - 'DTSRVC' Unquoted Service Path

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-117280. PoCs published by Julio Aviña.

AI-analyzed exploit summary This is a technical writeup detailing an unquoted service path vulnerability in HP Display Assistant x64 Edition 3.20. It explains how the service path lacks quotes, allowing an attacker to insert an executable in the path to achieve privilege escalation upon service restart.

Description

HP Display Assistant x64 Edition 3.20 - 'DTSRVC' Unquoted Service Path

Exploits (1)

exploitdb WRITEUP

by Julio Aviña · textlocalwindows

https://www.exploit-db.com/exploits/49002

View Code ZIP pw:eip

This is a technical writeup detailing an unquoted service path vulnerability in HP Display Assistant x64 Edition 3.20. It explains how the service path lacks quotes, allowing an attacker to insert an executable in the path to achieve privilege escalation upon service restart.

Classification

Writeup 90%

Attack Type

Lpe

Complexity

Trivial

Reliability

Reliable

Target: HP Display Assistant x64 Edition 3.20

Auth required

Prerequisites: Local access to the system · Ability to write to the service path directory

MITRE ATT&CK

T1546.008 - Accessibility Features

devstral-2 · analyzed Feb 18, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026