Skip to main content

EaseUS Partition Master CVE-2026-12782

| EUVDEUVD-2026-38147 HIGH
Improper Access Control (CWE-284)
2026-06-21 VulDB GHSA-2p82-8c67-963q
7.1
CVSS 4.0 · Vendor: VulDB
Share

Severity by source

Vendor (VulDB) PRIMARY
7.1 HIGH
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
vuln.today AI
7.8 HIGH

Local kernel-driver LPE reachable from any authenticated low-priv user (AV:L, PR:L, AC:L, UI:N); successful exploitation yields SYSTEM, giving full C/I/A impact without scope change.

3.1 AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
4.0 AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Primary rating from Vendor (VulDB).

CVSS VectorVendor: VulDB

CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Attack Vector
Local
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
X

Lifecycle Timeline

2
Analysis Generated
Jun 22, 2026 - 05:58 vuln.today
CVSS changed
Jun 21, 2026 - 08:22 NVD
8.5 (HIGH) 7.1 (HIGH)

DescriptionCVE.org

A security flaw has been discovered in EaseUS Partition Master up to 14.5. The impacted element is an unknown function in the library EUEDKEPM.sys of the component Kernel Driver. The manipulation results in improper access controls. The attack requires a local approach. The exploit has been released to the public and may be used for attacks. The affected component should be upgraded. The vendor explains: "We have confirmed that this issue was present only in older versions of the product. Our product has since been updated, and the issue has been resolved in the latest version, so it no longer exists."

AnalysisAI

Local privilege escalation in EaseUS Partition Master versions 14.0 through 14.5 allows low-privileged users to abuse the EUEDKEPM.sys kernel driver due to improper access controls (CWE-284). Publicly available exploit code exists and the vendor has released a patched version, though the issue is not listed in CISA KEV. …

Unlock full vulnerability intelligence

  • Risk assessment & exploitation conditions
  • Attack chain visualization
  • Remediation with exact patch versions
  • Threat intelligence from 22 sources
  • Personal watchlist & email alerts

Free forever · No credit card required

Attack ChainAIDerived

Hypothetical attack flow derived from CVE metadata

Access
Obtain local low-privilege shell
Delivery
Detect EaseUS driver installed
Exploit
Open EUEDKEPM.sys device handle
Execution
Issue crafted IOCTL bypassing access check
Persist
Abuse kernel primitives for SYSTEM token
Impact
Disable EDR and establish persistence

Vulnerability AssessmentAI

Exploitation Requires EaseUS Partition Master versions 14.0 through 14.5 to be installed on the target Windows host with the EUEDKEPM.sys kernel driver loaded, plus an existing local low-privileged session (PR:L) on that host to open the driver's device object; no user interaction is needed. … Additional conditions and limiting factors are described in the full assessment.
Risk Assessment The CVSS 4.0 vector (AV:L/AC:L/AT:N/PR:L/UI:N, VC:H/VI:H/VA:H) correctly characterizes this as a high-impact local issue requiring only low privileges and no user interaction, consistent with a kernel-driver LPE. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in.
Exploit Scenario An attacker who has obtained an ordinary user session on a Windows host where EaseUS Partition Master 14.0-14.5 is installed opens a handle to the EUEDKEPM.sys device and issues a crafted IOCTL that the driver fails to gate behind a proper access check. Using the public proof-of-concept published at winslow1984.com, the attacker leverages the driver's privileged primitives (typically arbitrary kernel read/write or raw disk I/O) to elevate to SYSTEM, then installs persistence or disables endpoint security tooling. …
Remediation Patch available per vendor advisory: upgrade EaseUS Partition Master to the latest release from https://www.easeus.com/partition-manager/, which the vendor states resolves the EUEDKEPM.sys access-control issue (an exact fixed version string is not provided in the advisory, so verify the installed driver version after upgrade). … Detailed patch versions, workarounds, and compensating controls in full report.

Recommended ActionAI

Within 24 hours: Identify and inventory all systems running EaseUS Partition Master 14.0-14.5 in the environment. …

Sign in for detailed remediation steps and compensating controls.

Threat intelligence, references, and detailed analysis are available after sign-in.

Share

CVE-2026-12782 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy