High severityNVD Advisory· Published Apr 22, 2026· Updated Apr 22, 2026

CVE-2026-0539

Description

Incorrect Default Permissions in pcvisit service binary on Windows allows a low-privileged local attacker to escalate their privileges by overwriting the service binary with arbitrary contents. This service binary is automatically launched with NT\SYSTEM privileges on boot. This issue affects all versions after 22.6.22.1329 and was fixed in 25.12.3.1745.

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

labs.infoguard.ch/advisories/cve-2026-0539_pcvisit_local-privilege-escalation/nvd
www.pcvisit.de/kundenbereich/release-notesnvd

News mentions

No linked articles in our index yet.

cvss	0.455
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000