Vulnerability in Pcvisit Remote Host Modul

CVE-2026-0539

Incorrect Default Permissions in pcvisit service binary on Windows allows a low-privileged local attacker to escalate their privileges by overwriting the service binary with arbitrary contents. This service binary is automatically launched…

EPSS: 0.000 (2.6th percentile) — read the EPSS interpretation.

Affected products

Pcvisit Remote Host Modul — versions 22.6.22.1329, 0, 25.12.3.1745

Weakness classification (CWE)

CWE-276 — Incorrect Default Permissions

References

vulnerability@ncsc.ch (release-notes)
vulnerability@ncsc.ch (technical-description, third-party-advisory)