EIP-2026-117761

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-117761. PoCs published by Julien Ahrens.

AI-analyzed exploit summary The advisory describes a local privilege escalation vulnerability in Photodex ProShow Producer due to insecure file permissions on 'scsiaccess.exe', allowing a low-privileged user to replace the executable and gain SYSTEM privileges. The proof-of-concept demonstrates the file permissions using 'icacls' but does not include functional exploit code.

Description

Photodex ProShow Gold/Producer 5.0.3310/6.0.3410 - 'ScsiAccess.exe' Local Privilege Escalation

Exploits (1)

exploitdb WRITEUP VERIFIED

by Julien Ahrens · textlocalwindows

https://www.exploit-db.com/exploits/24872

View Code ZIP pw:eip

The advisory describes a local privilege escalation vulnerability in Photodex ProShow Producer due to insecure file permissions on 'scsiaccess.exe', allowing a low-privileged user to replace the executable and gain SYSTEM privileges. The proof-of-concept demonstrates the file permissions using 'icacls' but does not include functional exploit code.

Classification

Writeup 90%

Attack Type

Lpe

Complexity

Trivial

Reliability

Reliable

Target: Photodex ProShow Producer v5.0.3310

No auth needed

Prerequisites: Local access to the system · Ability to modify files in 'C:\Program Files\Photodex\ProShow Producer'

MITRE ATT&CK

T1548.002 - Bypass User Account Control T1068 - Exploitation for Privilege Escalation

devstral-2 · analyzed Feb 18, 2026 Full analysis →

Photodex ProShow Gold/Producer 5.0.3310/6.0.3410 - 'ScsiAccess.exe' Local Privilege Escalation

Exploitation Summary

Description

Exploits (1)

Details