EIP-2026-117800
PRE-CVEProtector Plus AntiVirus 8/9 - Local Privilege Escalation
Title source: legacyExploitation Summary
EIP tracks 1 public exploit for EIP-2026-117800. PoCs published by Maxim A. Kulakov.
AI-analyzed exploit summary This is a writeup detailing a local privilege escalation vulnerability in Protector Plus antivirus software due to insecure file permissions. An attacker can replace executable files with malicious ones to gain SYSTEM privileges upon system restart.
Description
Protector Plus AntiVirus 8/9 - Local Privilege Escalation
Exploits (1)
exploitdb
WRITEUP
VERIFIED
by Maxim A. Kulakov · textlocalwindows
https://www.exploit-db.com/exploits/9680
This is a writeup detailing a local privilege escalation vulnerability in Protector Plus antivirus software due to insecure file permissions. An attacker can replace executable files with malicious ones to gain SYSTEM privileges upon system restart.
Classification
Writeup 100%
Attack Type
Lpe
Complexity
Trivial
Reliability
Reliable
Target:
Protector Plus 2009 for Windows Desktops (8.0.E03), Protector Plus 2009 for Windows Server (8.0.E03), Protector Plus Professional (9.1.001)
Auth required
Prerequisites:
Valid logon credentials to the target system · Access to the file system to replace executable files
MITRE ATT&CK
devstral-2 · analyzed Feb 16, 2026
Full analysis →
Details
Status
pre_cve
Tracked Since
Feb 18, 2026