EIP-2026-117323

PRE-CVE

InstantHMI 6.1 - Local Privilege Escalation

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-117323. PoCs published by sh4d0wman.

AI-analyzed exploit summary This writeup describes an elevation of privilege (EoP) vulnerability in InstantHMI 6.1 due to incorrect default permissions on the installation directory, allowing authenticated users to replace binaries or plant malicious DLLs for privilege escalation.

Description

InstantHMI 6.1 - Local Privilege Escalation

Exploits (1)

exploitdb WRITEUP

by sh4d0wman · textlocalwindows

https://www.exploit-db.com/exploits/40072

View Code ZIP pw:eip

This writeup describes an elevation of privilege (EoP) vulnerability in InstantHMI 6.1 due to incorrect default permissions on the installation directory, allowing authenticated users to replace binaries or plant malicious DLLs for privilege escalation.

Classification

Writeup 100%

Attack Type

Lpe

Complexity

Trivial

Reliability

Reliable

Target: InstantHMI 6.1

Auth required

Prerequisites: Authenticated user access to the system · Default installation of InstantHMI 6.1

MITRE ATT&CK

T1068 - Exploitation for Privilege Escalation T1574 - Hijack Execution Flow

devstral-2 · analyzed Feb 16, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026