CVE Catalog

CVE-2026-11858

HighCVSS 8.4
Published: Updated: Translated: NVD NIST

Summary

Quanos SCHEMA ST4 on-premises contains a local privilege escalation vulnerability in the Client Update Service. The service runs as SYSTEM and exposes a .NET Remoting interface over a named pipe without sufficient access controls. A low-privileged authenticated user can connect to the interface and invoke update methods, allowing arbitrary file write and delete with SYSTEM privileges.

Risk Assessment

An attacker can gain full control over the operating system, leading to server compromise and access to all data.

Recommendation

Immediately update the software to a version that fixes this vulnerability and restrict access to the named pipe to trusted processes only.

Original NVD description (English source)

Quanos SCHEMA ST4 on-premises contains a local privilege escalation vulnerability in the Client Update Service. The update service runs as NT AUTHORITY\SYSTEM and exposes a .NET Remoting interface over a named pipe without sufficient access controls or authorization. A local authenticated low-privileged user can connect to the interface and invoke privileged update methods such as Update(). This allows arbitrary file write and delete operations with SYSTEM privileges and can be used to achieve local privilege escalation.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS