← Back to CVEs
CVE-2026-0539
N/ADescription
Incorrect Default Permissions in pcvisit service binary on Windows allows a low-privileged local attacker to escalate their privileges by overwriting the service binary with arbitrary contents. This service binary is automatically launched with NT\SYSTEM privileges on boot. This issue affects all versions after 22.6.22.1329 and was fixed in 25.12.3.1745.
CVE Details
CVSS v3.1 ScoreN/A
Published4/22/2026
Last Modified4/22/2026
Sourcenvd
Honeypot Sightings0
Weaknesses (CWE)
CWE-276
References
https://labs.infoguard.ch/advisories/cve-2026-0539_pcvisit_local-privilege-escalation/(vulnerability@ncsc.ch)
https://www.pcvisit.de/kundenbereich/release-notes(vulnerability@ncsc.ch)
IOC Correlations
No correlations recorded
This product uses data from the NVD API but is not endorsed or certified by the NVD.