EIP-2026-118028

PRE-CVE

Trend Micro OfficeScan Client 10.0 - ACL Service LPE

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-118028. PoCs published by msd0pe.

AI-analyzed exploit summary This exploit leverages incorrect ACL permissions on the Trend Micro OfficeScan Client directory to replace legitimate service executables with malicious ones, achieving local privilege escalation to SYSTEM. The PoC provides clear steps for generating a reverse shell, replacing the service binary, and restarting the service to trigger execution.

Description

Trend Micro OfficeScan Client 10.0 - ACL Service LPE

Exploits (1)

exploitdb WORKING POC

by msd0pe · textlocalwindows

https://www.exploit-db.com/exploits/51453

View Code ZIP pw:eip

This exploit leverages incorrect ACL permissions on the Trend Micro OfficeScan Client directory to replace legitimate service executables with malicious ones, achieving local privilege escalation to SYSTEM. The PoC provides clear steps for generating a reverse shell, replacing the service binary, and restarting the service to trigger execution.

Classification

Working Poc 95%

Attack Type

Lpe

Complexity

Trivial

Reliability

Reliable

Target: Trend Micro OfficeScan Client <= 10.0

No auth needed

Prerequisites: Access to the target system with low privileges · Ability to write to the OfficeScan Client directory

MITRE ATT&CK

T1548.002 - Bypass User Account Control T1059.003 - Windows Command Shell

devstral-2 · analyzed Feb 18, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026