Pegatron `Tdelo64.sys` exposes a privileged device interface, `\\.\TdeIo`, that fails to properly restrict access to sensitive IOCTL functionality. The driver's IOCTL dispatcher does not validate caller privileges or verify user-supplied kernel memory addresses before performing memory operations. By sending crafted requests to IOCTL, a local attacker can achieve arbitrary kernel memory read and write operations, leading to privilege escalation to `NT AUTHORITY\SYSTEM`, security product bypass, credential theft, or complete system compromise.
Metrics
Affected Vendors & Products
References
| Link | Providers |
|---|---|
| https://kb.cert.org/vuls/id/529388 |
|
History
Wed, 15 Jul 2026 17:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | Pegatron `Tdelo64.sys` exposes a privileged device interface, `\\.\TdeIo`, that fails to properly restrict access to sensitive IOCTL functionality. The driver's IOCTL dispatcher does not validate caller privileges or verify user-supplied kernel memory addresses before performing memory operations. By sending crafted requests to IOCTL, a local attacker can achieve arbitrary kernel memory read and write operations, leading to privilege escalation to `NT AUTHORITY\SYSTEM`, security product bypass, credential theft, or complete system compromise. | |
| Title | CVE-2026-14961 | |
| References |
|
Status: PUBLISHED
Assigner: certcc
Published:
Updated: 2026-07-15T19:31:32.591Z
Reserved: 2026-07-07T14:26:02.918Z
Link: CVE-2026-14961
No data.
No data.
No data.
OpenCVE Enrichment
No data.