Local Privilege Escalation in pcvisit service client
CVE-2026-0539

8.5HIGH

Key Information:

Vendor: Pcvisit
Status: Pcvisit Remote Host Modul
Vendor: CVE Published:; 22 April 2026

What is CVE-2026-0539?

Incorrect Default Permissions in pcvisit service binary on Windows allows a low-privileged local attacker to escalate their privileges by overwriting the service binary with arbitrary contents. This service binary is automatically launched with NT\SYSTEM privileges on boot. This issue affects all versions after 22.6.22.1329 and was fixed in 25.12.3.1745.

Affected Version(s)

pcvisit Remote Host Modul Windows 22.6.22.1329 < 25.12.3.1745

pcvisit Remote Host Modul Windows 0 < 22.6.22.1329

pcvisit Remote Host Modul Windows 25.12.3.1745

References

https://www.pcvisit.de/kundenbereich/release-notes

release-notes

https://labs.infoguard.ch/advisories/cve-2026-0539_pcvisi...

third-party-advisorytechnical-description

CVSS V4

Score:

8.5

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

None

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Apr 22, 2026
Vulnerability Reserved
Dec 23, 2025

CVE-2026-0539 Data

JSON

Pcvisit

What is CVE-2026-0539?

Affected Version(s)

References

CVSS V4

Timeline