EIP-2026-117493

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-117493. PoCs published by Ismael Nava.

AI-analyzed exploit summary This is a technical writeup detailing an unquoted service path vulnerability in Microsoft GamingServices 2.47.10001.0. It includes commands to identify the vulnerable service paths and demonstrates the lack of quotes around executable paths, which could allow local privilege escalation if an attacker can place a malicious executable in the path.

Description

Microsoft GamingServices 2.47.10001.0 - 'GamingServices' Unquoted Service Path

Exploits (1)

exploitdb WRITEUP

by Ismael Nava · textlocalwindows

https://www.exploit-db.com/exploits/49214

View Code ZIP pw:eip

This is a technical writeup detailing an unquoted service path vulnerability in Microsoft GamingServices 2.47.10001.0. It includes commands to identify the vulnerable service paths and demonstrates the lack of quotes around executable paths, which could allow local privilege escalation if an attacker can place a malicious executable in the path.

Classification

Writeup 90%

Attack Type

Lpe

Complexity

Trivial

Reliability

Theoretical

Target: Microsoft GamingServices 2.47.10001.0

Auth required

Prerequisites: Local access to the system · Ability to write to the Program Files directory or another directory in the unquoted path

MITRE ATT&CK

T1574.009 - Path Interception by Unquoted Path

devstral-2 · analyzed Feb 19, 2026 Full analysis →

Microsoft GamingServices 2.47.10001.0 - 'GamingServices' Unquoted Service Path

Exploitation Summary

Description

Exploits (1)

Details