EIP-2026-117413

PRE-CVE

Lenovo Slim USB Keyboard 1.09 - Unquoted Service Path Privilege Escalation

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-117413. PoCs published by Joey Lane.

AI-analyzed exploit summary This is a technical writeup describing an unquoted service path privilege escalation vulnerability in Lenovo Slim USB Keyboard. It explains the vulnerability mechanism and provides an example of exploitation but does not include functional exploit code.

Description

Lenovo Slim USB Keyboard 1.09 - Unquoted Service Path Privilege Escalation

Exploits (1)

exploitdb WRITEUP

by Joey Lane · textlocalwindows

https://www.exploit-db.com/exploits/40581

View Code ZIP pw:eip

This is a technical writeup describing an unquoted service path privilege escalation vulnerability in Lenovo Slim USB Keyboard. It explains the vulnerability mechanism and provides an example of exploitation but does not include functional exploit code.

Classification

Writeup 90%

Attack Type

Lpe

Complexity

Trivial

Reliability

Reliable

Target: Lenovo Slim USB Keyboard version 1.09

Auth required

Prerequisites: Local access to the system · Ability to write to the root of C:\ or another directory in the unquoted path

MITRE ATT&CK

T1574.009 - Path Interception by Unquoted Path

devstral-2 · analyzed Feb 19, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026