CVE-2026-30266
Received Received - Intake
Insecure Permissions in DeepCool DeepCreative Allows Code Execution

Publication date: 2026-04-20

Last updated on: 2026-04-27

Assigner: MITRE

Description
Insecure Permissions vulnerability in DeepCool DeepCreative v.1.2.12 and before allows a local attacker to execute arbitrary code via a crafted file
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-04-20
Last Modified
2026-04-27
Generated
2026-06-16
AI Q&A
2026-04-20
EPSS Evaluated
2026-06-15
NVD
CVE-2026-30266
EUVD
EUVD-2026-23916
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
deepcool deepcreative to 1.2.12 (exc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-277 A product defines a set of insecure permissions that are inherited by objects that are created by the program.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

CVE-2026-30266 is an insecure permissions vulnerability in DeepCool DeepCreative version 1.2.11 and earlier. It allows a local, unprivileged attacker to execute arbitrary code by crafting a malicious file and replacing a legitimate file that is executed by the NT\SYSTEM account as part of the DeepCreative service. This happens because of improper file permission settings that let the attacker rewrite files that should be protected.

Impact Analysis

This vulnerability can allow a local attacker to gain elevated privileges by executing arbitrary code with SYSTEM-level permissions. This means the attacker could potentially take full control of the affected system, install malware, steal sensitive data, or disrupt system operations.

Detection Guidance

This vulnerability involves insecure file permissions in DeepCool DeepCreative versions 1.2.11 and earlier, allowing local attackers to replace files executed by the NT\SYSTEM account. Detection involves checking file permissions of DeepCreative service files to identify if they are writable by unprivileged users.

Suggested commands to detect insecure permissions on Windows systems include:

  • Using PowerShell to check permissions on the DeepCreative executable or service files: Get-Acl -Path "C:\Path\To\DeepCreative\file.exe" | Format-List
  • Using icacls to view file permissions: icacls "C:\Path\To\DeepCreative\file.exe"

Look for permissions that allow write access to non-administrative users, which could indicate vulnerability to exploitation.

Mitigation Strategies

To mitigate this vulnerability, immediately restrict file permissions on DeepCreative service files to prevent unprivileged users from modifying them.

Steps include:

  • Identify all DeepCreative executable and service files that are writable by non-administrative users.
  • Use Windows tools such as icacls or PowerShell to remove write permissions for unprivileged users. For example: icacls "C:\Path\To\DeepCreative\file.exe" /remove:g "Users"
  • Apply the principle of least privilege by ensuring only SYSTEM and administrators have write access.
  • Check for and apply any available updates or patches from DeepCool once released.
Compliance Impact

The vulnerability allows a local attacker to execute arbitrary code with high impact on confidentiality, integrity, and availability, which could lead to unauthorized access or manipulation of sensitive data.

Such unauthorized access or data manipulation could potentially result in non-compliance with data protection regulations like GDPR or HIPAA, which require strict controls to protect personal and sensitive information.

However, the provided information does not explicitly state the direct impact on compliance with these standards.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-30266. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart