EIP-2026-117800

PRE-CVE

Protector Plus AntiVirus 8/9 - Local Privilege Escalation

Title source: legacy
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-117800. PoCs published by Maxim A. Kulakov.

AI-analyzed exploit summary This is a writeup detailing a local privilege escalation vulnerability in Protector Plus antivirus software due to insecure file permissions. An attacker can replace executable files with malicious ones to gain SYSTEM privileges upon system restart.

Description

Protector Plus AntiVirus 8/9 - Local Privilege Escalation

Exploits (1)

exploitdb WRITEUP VERIFIED
by Maxim A. Kulakov · textlocalwindows
https://www.exploit-db.com/exploits/9680

This is a writeup detailing a local privilege escalation vulnerability in Protector Plus antivirus software due to insecure file permissions. An attacker can replace executable files with malicious ones to gain SYSTEM privileges upon system restart.

Classification
Writeup 100%
Attack Type
Lpe
Complexity
Trivial
Reliability
Reliable
Target: Protector Plus 2009 for Windows Desktops (8.0.E03), Protector Plus 2009 for Windows Server (8.0.E03), Protector Plus Professional (9.1.001)
Auth required
Prerequisites: Valid logon credentials to the target system · Access to the file system to replace executable files
devstral-2 · analyzed Feb 16, 2026 Full analysis →

Details

Status pre_cve
Tracked Since Feb 18, 2026