EIP-2026-118028

This exploit leverages incorrect ACL permissions on the Trend Micro OfficeScan Client directory to replace legitimate service executables with malicious ones, achieving local privilege escalation to SYSTEM. The PoC provides clear steps for generating a reverse shell, replacing the service binary, and restarting the service to trigger execution.