EIP-2026-118210

PRE-CVE

Zortam Mp3 Media Studio 21.15 - Insecure File Permissions Privilege Escalation

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-118210. PoCs published by Tulpa.

AI-analyzed exploit summary This exploit describes a privilege escalation vulnerability in Zortam Mp3 Media Studio 21.15 due to insecure file permissions, allowing any user to replace the executable with malicious code. The proof of concept involves replacing the executable and waiting for execution by another user.

Description

Zortam Mp3 Media Studio 21.15 - Insecure File Permissions Privilege Escalation

Exploits (1)

exploitdb WRITEUP

by Tulpa · textlocalwindows

https://www.exploit-db.com/exploits/40418

View Code ZIP pw:eip

This exploit describes a privilege escalation vulnerability in Zortam Mp3 Media Studio 21.15 due to insecure file permissions, allowing any user to replace the executable with malicious code. The proof of concept involves replacing the executable and waiting for execution by another user.

Classification

Writeup 90%

Attack Type

Lpe

Complexity

Trivial

Reliability

Reliable

Target: Zortam Mp3 Media Studio 21.15

No auth needed

Prerequisites: Access to the system where Zortam Mp3 Media Studio is installed · Ability to replace the executable file

MITRE ATT&CK

T1068 - Exploitation for Privilege Escalation T1574 - Hijack Execution Flow

devstral-2 · analyzed Feb 16, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026