EIP-2026-117896

PRE-CVE

SAPSetup Automatic Workstation Update Service 750 - 'NWSAPAutoWorkstationUpdateSvc' Unquoted Service Path

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-117896. PoCs published by Alan Mondragon.

AI-analyzed exploit summary This is a technical writeup detailing an unquoted service path vulnerability in SAPSetup Automatic Workstation Update Service 750. It includes steps to identify the vulnerability and explains the potential impact of local privilege escalation (LPE) if exploited.

Description

SAPSetup Automatic Workstation Update Service 750 - 'NWSAPAutoWorkstationUpdateSvc' Unquoted Service Path

Exploits (1)

exploitdb WRITEUP

by Alan Mondragon · textlocalwindows

https://www.exploit-db.com/exploits/49689

View Code ZIP pw:eip

This is a technical writeup detailing an unquoted service path vulnerability in SAPSetup Automatic Workstation Update Service 750. It includes steps to identify the vulnerability and explains the potential impact of local privilege escalation (LPE) if exploited.

Classification

Writeup 90%

Attack Type

Lpe

Complexity

Trivial

Reliability

Theoretical

Target: SAPSetup Automatic Workstation Update Service 750

Auth required

Prerequisites: Local access to the system · Ability to write to a directory in the unquoted service path

MITRE ATT&CK

T1574.009 - Path Interception by Unquoted Path

devstral-2 · analyzed Feb 18, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026