EIP-2026-117550

PRE-CVE

Microsoft Windows 10 - 'WSReset' UAC Protection Bypass (propsys.dll)

Title source: legacy
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-117550. PoCs published by valen.

AI-analyzed exploit summary This exploit leverages a UAC bypass via wsreset.exe by mocking trusted directories, as referenced in the Medium article. The code contains a binary payload (likely a PE file) embedded as a byte array, which is designed to execute with elevated privileges.

Description

Microsoft Windows 10 - 'WSReset' UAC Protection Bypass (propsys.dll)

Exploits (1)

exploitdb WORKING POC
by valen · clocalwindows
https://www.exploit-db.com/exploits/47755

This exploit leverages a UAC bypass via wsreset.exe by mocking trusted directories, as referenced in the Medium article. The code contains a binary payload (likely a PE file) embedded as a byte array, which is designed to execute with elevated privileges.

Classification
Working Poc 90%
Attack Type
Lpe
Complexity
Moderate
Reliability
Reliable
Target: Windows UAC (User Account Control)
Auth required
Prerequisites: Local access to a Windows system with UAC enabled · Ability to execute the compiled binary
devstral-2 · analyzed Feb 19, 2026 Full analysis →

Details

Status pre_cve
Tracked Since Feb 18, 2026