CVE-2026-14961
CVE-2026-14961
Vexday Risk Score
10Low
SSVC decision (CISA)
Track
No exploitation signal → monitor
CVSS 6.2EPSS —KEV nãoPoC —Nuclei —Metasploit —Patch —
Lifecycle
15 Jul 2026Published on NVD
Recommendation: Monitor — no exploitation signal at the moment.
Pegatron `Tdelo64.sys` exposes a privileged device interface, `\\.\TdeIo`, that fails to properly restrict access to sensitive IOCTL functionality. The driver's IOCTL dispatcher does not validate caller privileges or verify user-supplied kernel memory addresses before performing memory operations. By sending crafted requests to IOCTL, a local attacker can achieve arbitrary kernel memory read and write operations, leading to privilege escalation to `NT AUTHORITY\SYSTEM`, security product bypass, credential theft, or complete system compromise.
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Affected products
Pegatron Corp. · Tdelo64.sysReferences
https://kb.cert.org/vuls/id/529388