EIP-2026-118135

PRE-CVE

WinSMS 3.43 - Insecure File Permissions Privilege Escalation

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-118135. PoCs published by Tulpa.

AI-analyzed exploit summary This writeup describes a local privilege escalation vulnerability in WinSMS 3.43 due to weak folder permissions allowing any user to replace executable files or DLLs with malicious payloads. It also notes plaintext password storage in a database file.

Description

WinSMS 3.43 - Insecure File Permissions Privilege Escalation

Exploits (1)

exploitdb WRITEUP

by Tulpa · textlocalwindows

https://www.exploit-db.com/exploits/40375

View Code ZIP pw:eip

This writeup describes a local privilege escalation vulnerability in WinSMS 3.43 due to weak folder permissions allowing any user to replace executable files or DLLs with malicious payloads. It also notes plaintext password storage in a database file.

Classification

Writeup 90%

Attack Type

Lpe

Complexity

Trivial

Reliability

Reliable

Target: WinSMS 3.43

No auth needed

Prerequisites: Local access to the system · WinSMS installed with default permissions

MITRE ATT&CK

T1068 - Exploitation for Privilege Escalation T1552.001 - Credentials In Files

devstral-2 · analyzed Feb 16, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026