CVE Catalog

CVE-2026-57919

HighCVSS 7.8
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.13%

3th percentile — higher than 3% of all known CVEs

Summary

A vulnerability in PBackupVSS.exe in Matrix42 Empirum before version 25.5 and 26.x before 26.2 creates a named pipe with overly permissive DACL. An authenticated low-privileged attacker can connect to this pipe and send crafted IPC messages, leading to arbitrary command execution with SYSTEM privileges.

Risk Assessment

The risk is privilege escalation by a local attacker who can gain full system control, potentially installing malware or stealing sensitive data.

Recommendation

Immediately update Matrix42 Empirum to version 25.5 or 26.2 which fixes this vulnerability. Additionally, restrict access to the named pipe to trusted processes only.

Original NVD description (English source)

PBackupVSS.exe in Matrix42 Empirum before 25.5 and 26.x before 26.2 creates a named pipe (\\.\pipe\PBackupVSS) with a DACL that grants GENERIC_READ and GENERIC_WRITE permissions to all authenticated users. A low-privileged local attacker can connect to this pipe and send crafted IPC messages to trigger execution of arbitrary commands with SYSTEM privileges via an untrusted search path. This allows privilege escalation by placing a malicious shadow.exe in a controlled working directory.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS