CVE-2026-12784
HIGH
7.8
CVSS 3.1
Description
A weakness has been identified in IM-Magic Partition Resizer up to 7.9.0. This affects an unknown function in the library MDA_NTDRV.sys of the component Kernel Driver. This manipulation causes improper access controls. The attack requires local access. The exploit has been made available to the public and could be used for attacks. The vendor was contacted early about this disclosure but did not respond in any way.
Metadata
Severity & Metrics
7.8
HIGH CVSS 3.1
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:X/RC:R
Affected products (1)
| Vendor | Product | Platform | Versions |
|---|---|---|---|
| IM-Magic | Partition Resizer | — | 7.0, 7.1, 7.2, 7.3 … |
Weakness (CWE)
CVSS scores (4)
| Score | Severity | Version | Source | Vector |
|---|---|---|---|---|
| 8.5 | HIGH | 4.0 | cna | CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P |
| 7.8 | HIGH | 3.1 | cna | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:X/RC:R |
| 7.8 | HIGH | 3.0 | cna | CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:X/RC:R |
| 6.8 | N/D | 2.0 | cna | AV:L/AC:L/Au:S/C:C/I:C/A:C/E:POC/RL:ND/RC:UR |
References (5)
- VDB-372524 | IM-Magic Partition Resizer Kernel Driver MDA_NTDRV.sys access control https://vuldb.com/vuln/372524
- VDB-372524 | CTI Indicators (IOB, IOC, TTP, IOA) https://vuldb.com/vuln/372524/cti
- CVE-2026-12784 | CVE Analysis and Report https://vuldb.com/cve/CVE-2026-12784
- Submit #835613 | IM-Magic Partition Resizer Kernel Driver MDA_NTDRV.sys 7.9.0 Local Privilege Escapation https://vuldb.com/submit/835613
- https://winslow1984.com/books/cve-collection/page/im-magic-partition-resizer-790-kernel-driver-mda-ntdrvsys-local-privilege-escalation