EIP-2026-117653

This is a technical writeup describing an unquoted path vulnerability in multiple Nexon games (e.g., Dirty Bomb, Counter-Strike Nexon: Zombies) that allows local privilege escalation by exploiting improperly quoted paths in the BlackXcht.aes anti-cheat system. The PoC involves placing a malicious executable in the root of C: to achieve code execution with elevated privileges.