EUVD-2026-26240CVSS VectorNVD
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Lifecycle Timeline
5DescriptionNVD
An issue in the TVicPort64.sys component of EnTech Taiwan TVicPort Product v4.0, File v5.2.1.0 allows attackers to escalate privileges via sending crafted IOCTL 0x80002008 requests.
AnalysisAI
Local privilege escalation in EnTech Taiwan TVicPort v4.0 (driver v5.2.1.0) allows authenticated low-privileged users to gain SYSTEM privileges via crafted IOCTL 0x80002008 requests to the TVicPort64.sys kernel driver. The vulnerability stems from improper input validation (CWE-20) in IOCTL handling. …
Sign in for full analysis, threat intelligence, and remediation guidance.
RemediationAI
Within 24 hours: Inventory all systems running EnTech Taiwan TVicPort driver v5.2.1.0 and earlier; restrict driver access via DACL modifications to admin-only accounts if operationally feasible. Within 7 days: Contact EnTech Taiwan support to confirm patch timeline; evaluate driver necessity and consider replacement with alternative I/O port access solutions or disable the driver if not mission-critical. …
Sign in for detailed remediation steps.
Share
External POC / Exploit Code
Leaving vuln.today