Lifecycle Timeline
1DescriptionCVE.org
Pegatron Tdelo64.sys improperly exposes privileged hardware access functionality through the \\.\TdeIo device interface. IOCTL handlers including TDE_IOCTL_INDEXIO_READ and TDE_IOCTL_INDEXIO_WRITE permit unprivileged user-mode callers to perform arbitrary hardware I/O port reads and writes without authorization checks. A local attacker can abuse this functionality to manipulate hardware registers, tamper with firmware-related interfaces, cause system instability, or establish persistent low-level compromise.
Analysis
Pegatron Tdelo64.sys improperly exposes privileged hardware access functionality through the \\.\TdeIo device interface. IOCTL handlers including TDE_IOCTL_INDEXIO_READ and TDE_IOCTL_INDEXIO_WRITE permit unprivileged user-mode callers to perform arbitrary hardware I/O port reads and writes without authorization checks. …
Unlock full vulnerability intelligence
- Risk assessment & exploitation conditions
- Attack chain visualization
- Remediation with exact patch versions
- Threat intelligence from 22 sources
- Personal watchlist & email alerts
Free forever · No credit card required
Threat intelligence, references, and detailed analysis are available after sign-in.
More in Tdelo64 Sys
View allSame technique Information Disclosure
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-44730
GHSA-vgx6-wf36-3h9h