CVE-2026-0828 | Kernel driver ProcessMonitorDriver.sys in Safetica's endpoin… | CVSS 7.5 HIGH

Description

Kernel driver ProcessMonitorDriver.sys in Safetica's endpoint client x64 , versions 10.5.75.0 and 11.11.4.0, allows unprivileged user to abuse IOCTL path and terminate protected system processes.

Metadata

CVE ID: CVE-2026-0828
State: PUBLISHED
Assigner: certcc
Reserved: 2026-01-09 19:21 UTC
Published: 2026-06-26 15:47 UTC
Last updated: 2026-06-26 17:33 UTC
Vendor / Product: Safetica / Endpoint Client
Sources: cve.org · NVD

Severity & Metrics

7.5 HIGH CVSS 3.1

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

SSVC — CISA Coordinator

Exploitation: none
Automatable: yes
Tech. Impact: partial

Affected products (2)

Vendor	Product	Platform	Versions
Safetica	Endpoint Client	—	10.5.75.0 ≤ 10.5.75.0
Safetica	Endpoint Client	—	11.11.4.0 ≤ 11.11.4.0

Weakness (CWE)

CWE	Source	Description
—	cna	CWE-269 Improper Privilege Management

CVSS scores (1)

Score	Severity	Version	Source	Vector
7.5	HIGH	3.1	adp	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

References (1)

https://www.safetica.com/