Security Advisory

CVE-2026-0539

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2026-04-22 13:02:01

Last updated 2026-04-22 14:09:01

Assigner NCSC.ch

State PUBLISHED

Description

Incorrect Default Permissions in pcvisit service binary on Windows allows a low-privileged local attacker to escalate their privileges by overwriting the service binary with arbitrary contents. This service binary is automatically launched with NTSYSTEM privileges on boot. This issue affects all versions after 22.6.22.1329 and was fixed in 25.12.3.1745.

← Browse all CVEs View on cve.org ↗