EIP-2026-117325

PRE-CVE

Intel(r) Management and Security Application 5.2 - User Notification Service Unquoted Service Path

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-117325. PoCs published by Metin Yunus Kandemir.

AI-analyzed exploit summary This exploit leverages an unquoted service path vulnerability in Intel's User Notification Service to achieve local privilege escalation. It downloads a malicious executable to a vulnerable path and triggers execution via a system reboot.

Description

Intel(r) Management and Security Application 5.2 - User Notification Service Unquoted Service Path

Exploits (1)

exploitdb WORKING POC

by Metin Yunus Kandemir · localwindows

https://www.exploit-db.com/exploits/49144

View Code ZIP pw:eip

This exploit leverages an unquoted service path vulnerability in Intel's User Notification Service to achieve local privilege escalation. It downloads a malicious executable to a vulnerable path and triggers execution via a system reboot.

Classification

Working Poc 90%

Attack Type

Lpe

Complexity

Moderate

Reliability

Reliable

Target: Intel(r) Management and Security Application v5.2

Auth required

Prerequisites: Local access to the system · Ability to write to the target directory · System reboot required

MITRE ATT&CK

T1574.009 - Path Interception by Unquoted Path

devstral-2 · analyzed Feb 18, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026