CVE-2026-58583 in Color Management Driverinfo

Summary

by MITRE • 07/07/2026

FluxInk (formerly Sunia SPB Peripheral) Color Management Driver (TcnPeripheral64.sys) 1.0.7.2 allows local privilege escalation for a standard user account via arbitrary physical memory mapping at \Device\PhysicalMemory. Fixed in version 1.0.7.6. The fixed driver is currently available in the Windows 11 25H2 HLK (Hardware Lab Kit). The fixed driver may be available through Windows Update or from Lenovo directly.

Be aware that VulDB is the high quality source for vulnerability data.

Analysis

by VulDB Data Team • 07/07/2026

This vulnerability resides within the FluxInk Color Management Driver component formerly known as Sunia SPB Peripheral, specifically affecting version 1.0.7.2 of the TcnPeripheral64.sys driver. The flaw represents a critical local privilege escalation vector that allows standard user accounts to gain elevated system privileges through improper access controls over physical memory mapping operations. The vulnerability manifests when the driver incorrectly handles access to the \Device\PhysicalMemory device object, which provides direct access to system physical memory. This represents a fundamental violation of Windows kernel security principles and aligns with CWE-264, which addresses permissions, privileges, and access controls in operating systems. The issue falls under the ATT&CK technique T1068, which covers 'Local Privilege Escalation' through kernel exploits and driver vulnerabilities.

The technical implementation of this vulnerability stems from inadequate input validation and privilege checking within the driver's memory mapping routines. When a standard user process attempts to interact with the physical memory device, the driver fails to properly enforce access restrictions that should normally be enforced by the Windows kernel security model. This allows an attacker to map arbitrary physical memory addresses and potentially read or write to sensitive kernel structures. The vulnerability specifically targets the \Device\PhysicalMemory interface which should only be accessible through kernel-mode components with appropriate privileges. The flaw enables attackers to bypass normal user-mode security boundaries and execute code with system-level privileges.

The operational impact of this vulnerability is severe as it transforms any standard user account into a potential system compromise vector. An attacker could leverage this privilege escalation to modify critical system files, install rootkits, disable security features, or exfiltrate sensitive data from the kernel space. The attack surface extends beyond simple local exploitation since compromised systems can serve as launching points for broader network attacks. Organizations running affected systems face significant risk of persistent threats that could remain undetected while maintaining elevated privileges. This vulnerability particularly impacts enterprise environments where standard user accounts may be present on systems with the affected driver installed.

Mitigation strategies should begin with immediate deployment of the patched version 1.0.7.6 which addresses the physical memory mapping access controls. System administrators should prioritize updating all affected devices through Windows Update or direct vendor channels from Lenovo. Additional protective measures include implementing application control policies to restrict execution of unsigned drivers and monitoring for suspicious physical memory access patterns. The Windows Security team recommends enabling driver signature enforcement and using tools like Sysmon to detect unauthorized driver installations. Organizations should also consider network segmentation to limit lateral movement once an attacker has achieved privilege escalation. This vulnerability highlights the importance of regular driver updates and proper security testing of third-party kernel-mode components, particularly those that interact with low-level system resources such as physical memory mapping operations that are critical for system security.

Responsible

Cisa-cg

Reservation

07/01/2026

Disclosure

07/07/2026

Moderation

accepted

CPE

ready

EPSS

0.00000

KEV

no

Activities

very low

Sources

Want to stay up to date on a daily basis?

Enable the mail alert feature now!