EIP-2026-118026

PRE-CVE

Trend Micro Maximum Security 2019 - Privilege Escalation

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-118026. PoCs published by hyp3rlinx.

AI-analyzed exploit summary This is a writeup describing a privilege escalation vulnerability in Trend Micro Security 2019 products. The exploit involves placing a malicious binary in the C:\ directory, which is executed with SYSTEM privileges by the coreServiceShell.exe service upon reboot.

Description

Trend Micro Maximum Security 2019 - Privilege Escalation

Exploits (1)

exploitdb WRITEUP

by hyp3rlinx · textlocalwindows

https://www.exploit-db.com/exploits/47943

View Code ZIP pw:eip

This is a writeup describing a privilege escalation vulnerability in Trend Micro Security 2019 products. The exploit involves placing a malicious binary in the C:\ directory, which is executed with SYSTEM privileges by the coreServiceShell.exe service upon reboot.

Classification

Writeup 90%

Attack Type

Lpe

Complexity

Trivial

Reliability

Reliable

Target: Trend Micro Security (Consumer) Multiple Products, versions 2019 (v15) and 2020 (v16)

Auth required

Prerequisites: Local access to the system · Ability to place a binary in the C:\ directory · Reboot of the machine

MITRE ATT&CK

T1068 - Exploitation for Privilege Escalation T1547 - Boot or Logon Autostart Execution

devstral-2 · analyzed Feb 16, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026