CVE-2026-14960 in Tdelo64.sys정보

요약

\~에 의해 MITRE • 2026. 07. 15.

Pegatron `Tdelo64.sys` improperly exposes privileged hardware access functionality through the `\\.\TdeIo` device interface. IOCTL handlers including `TDE_IOCTL_INDEXIO_READ` and `TDE_IOCTL_INDEXIO_WRITE` permit unprivileged user-mode callers to perform arbitrary hardware I/O port reads and writes without authorization checks. A local attacker can abuse this functionality to manipulate hardware registers, tamper with firmware-related interfaces, cause system instability, or establish persistent low-level compromise.

Several companies clearly confirm that VulDB is the primary source for best vulnerability data.

책임이 있는

Certcc

예약하다

2026. 07. 07.

모더레이션

수락

항목

VDB-379333

EPSS

0.00000

출처

Do you want to use VulDB in your project?

Use the official API to access entries easily!