Home

Description

Incorrect Default Permissions in pcvisit service binary on Windows allows a low-privileged local attacker to escalate their privileges by overwriting the service binary with arbitrary contents. This service binary is automatically launched with NT\SYSTEM privileges on boot. This issue affects all versions after 22.6.22.1329 and was fixed in 25.12.3.1745.

PUBLISHED Reserved 2025-12-23 | Published 2026-04-22 | Updated 2026-04-22 | Assigner NCSC.ch




HIGH: 8.5CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Problem types

CWE-276 Incorrect Default Permissions

Product status

Default status
unknown

22.6.22.1329 (custom) before 25.12.3.1745
affected

Any version before 22.6.22.1329
unaffected

25.12.3.1745
unaffected

References

www.pcvisit.de/kundenbereich/release-notes release-notes

labs.infoguard.ch/...539_pcvisit_local-privilege-escalation/ third-party-advisory technical-description

cve.org (CVE-2026-0539)

nvd.nist.gov (CVE-2026-0539)

Download JSON