CVE-2026-1680

Exploit

EPSS 0.2%
Veröffentlicht 30.01.2026 06:00:31
Zuletzt bearbeitet 03.03.2026 15:06:54
Quelle db4dfee8-a97e-4877-bfae-eba6d1
CVE-Watchlists
Login
Unerledigt
Login

Local Privilege Escalation in Local Admin Service

Improper access control in the WCF endpoint in Edgemo (now owned by Danoffice IT) Local Admin Service 1.2.7.23180 on Windows allows a local user to escalate their privileges to local administrator via direct communication with the LocalAdminService.exe named pipe, bypassing client-side group membership restrictions.

Betroffene Produkte Warnungen 0 Metriken 3 CWE 1 Referenzen 5

NVD 1 VulnDex Vulnerability Enrichment 0

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Danofficeit ≫ Local Admin Service Version1.2.7.23180 SwPlatformwindows

Zu dieser CVE wurde keine Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	0.2%	0.103

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	7.8	1.8	5.9	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
db4dfee8-a97e-4877-bfae-eba6d14a2166	7.1	0	0	CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:Y/R:X/V:X/RE:X/U:X

CWE-250 Execution with Unnecessary Privileges

The product performs an operation at a privilege level that is higher than the minimum level required, which creates new weaknesses or amplifies the consequences of other weaknesses.

https://retest.dk/local-privilege-escalation-vulnerability-found-in-local-admin-service/

Third Party Advisory

Exploit

https://www.danofficeit.com/howwedoit/workplace/management/

Product

https://nvd.nist.gov/vuln/detail/CVE-2026-1680

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2026-1680

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2026-1680

EUVD

Team-orientierte Vulnerability Management Plattform

Features der Plattform

CVE-2026-1680