securityaffairs.com 7/15/2026, 5:56:18 PM · external

LegacyHive Windows zero day enables privilege escalation

LegacyHive Windows zero day enables privilege escalation
CyberSIXT Evidence Panel

CHAOTIC Eclipse has revealed a new Windows zero-day exploit named LegacyHive that targets the Windows User Profile Service, allowing privilege escalation on fully patched Windows systems. This vulnerability does not yet have a CVE and requires valid user credentials for exploitation, making it suitable primarily for post-compromise situations rather than mass exploitation.

The researcher has been publicly disclosing zero-day vulnerabilities without coordinated disclosure due to a dispute with Microsoft regarding their vulnerability reporting process. Previous exploits include GreatXML, RoguePlanet, YellowKey, GreenPlasma, BlueHammer, and UnDefend, many aimed at bypassing Windows security features. Microsoft has criticized these disclosures for putting customers at risk and underscored the importance of coordinated vulnerability disclosure.

View Primary Source Via securityaffairs.com

Article by CyberSIXT