Back to overview

CVE-2026-14961

MEDIUM
6.2
CVSS 3.1
Description
Pegatron `Tdelo64.sys` exposes a privileged device interface, `\\.\TdeIo`, that fails to properly restrict access to sensitive IOCTL functionality. The driver's IOCTL dispatcher does not validate caller privileges or verify user-supplied kernel memory addresses before performing memory operations. By sending crafted requests to IOCTL, a local attacker can achieve arbitrary kernel memory read and write operations, leading to privilege escalation to `NT AUTHORITY\SYSTEM`, security product bypass, credential theft, or complete system compromise.

Metadata

CVE ID
CVE-2026-14961
State
PUBLISHED
Assigner
certcc
Reserved
2026-07-07 14:26 UTC
Published
2026-07-15 17:09 UTC
Last updated
2026-07-15 19:31 UTC
Primary CWE
CWE-269
CWE-269 Improper Privilege Management
Vendor / Product
Pegatron Corp. / Tdelo64.sys
Sources
cve.org  ·  NVD

Severity & Metrics

6.2 MEDIUM CVSS 3.1
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
SSVC — CISA Coordinator
Exploitation
none
Automatable
no
Tech. Impact
total
Affected products (1)
VendorProductPlatformVersions
Pegatron Corp. Tdelo64.sys 02-17-2025 ≤ 02-17-2025
Weakness (CWE)
CWESourceDescription
cna CWE-284 Improper Access Control
cna CWE-781Improper Address Validation in IOCTL with METHOD_NEITHER I/O Control Code
CWE-20 adp CWE-20 Improper Input Validation
CWE-269 adp CWE-269 Improper Privilege Management
CVSS scores (1)
ScoreSeverityVersionSourceVector
6.2 MEDIUM 3.1 adp CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Back to overview