CVE-2025-66266 CRITICAL

CVE-2025-66266: Insecure SYSTEM Service Permissions in UPSilon2000V6.0 (RupsMon.exe) leading to trivial Local Privilege Escalation

Vendor Megatec Taiwan

Product UPSilon2000V6.0

Weakness CWE-269

Published November 26, 2025

Last update November 26, 2025

View on NVD All CVEs

CVSS base score

9.3/10

Attack vector Local

Attack complexity Low

Privileges required None

User interaction None

Confidentiality —

Integrity —

CVSS vector

CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:H/SI:H/SA:N

What the vulnerability does

01Description

The RupsMon.exe service executable in UPSilon 2000 has insecure permissions, allowing the 'Everyone' group Full Control. A local attacker can replace the executable with a malicious binary to execute code with SYSTEM privileges or simply change the config path of the service to a command; starting and stopping the service to immediately achieve code execution and privilege escalation

Key dates

02Disclosure timeline

November 26, 2025 CVE published

November 26, 2025 Record updated

External resources

03References

NVD — National Vulnerability Database https://nvd.nist.gov/vuln/detail/CVE-2025-66266

Related vulnerabilities

CVE-2025-66266: Insecure SYSTEM Service Permissions in UPSilon2000V6.0 (RupsMon.exe) leading to trivial Local Privilege Escalation

01Description

02Disclosure timeline

03References

04Related CVE