Severity by source
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Physical memory access enables both read and write; C:H added to correct apparent understatement of vendor C:N, all other metrics align with the provided vector.
Primary rating from Vendor (jpcert).
CVSS VectorVendor: jpcert
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Lifecycle Timeline
2DescriptionCVE.org
Generic IO & Memory Access driver for PCs provided by TOSHIBA CORPORATION and Dynabook Inc. exposes its IOCTL with insufficient access control. A logged-in user with no administrative privilege may access physical memory.
AnalysisAI
Physical memory exposure in the Generic IO & Memory Access Driver for Toshiba and Dynabook PCs allows any locally logged-in user - without administrative privileges - to access physical memory by invoking an insufficiently access-controlled IOCTL interface. Physical memory access of this kind typically enables both reading sensitive in-memory data (credentials, encryption keys, kernel structures) and writing to arbitrary memory addresses, making the effective impact broader than the vendor CVSS C:N rating suggests. …
Unlock full vulnerability intelligence
- Risk assessment & exploitation conditions
- Attack chain visualization
- Remediation with exact patch versions
- Threat intelligence from 22 sources
- Personal watchlist & email alerts
Free forever · No credit card required
Attack ChainAIDerived
Hypothetical attack flow derived from CVE metadata
Vulnerability AssessmentAI
| Exploitation | Exploitation requires an interactive local session as any standard (non-administrator) user on a Windows PC with the Generic IO & Memory Access Driver installed - this is the only prerequisite. … Additional conditions and limiting factors are described in the full assessment. |
| Risk Assessment | The vendor-assigned CVSS 3.1 vector (AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N, score 5.5) reflects a local, low-privilege, low-complexity attack with high integrity impact but zero confidentiality impact. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in. |
| Exploit Scenario | An attacker who has obtained a standard (non-admin) user session on a Dynabook or Toshiba laptop - through phishing, a shared machine, or as a low-privileged employee - opens the exposed driver device handle and sends a crafted IOCTL call that maps or reads a target region of physical memory. With read access to physical memory, the attacker can extract LSASS credentials or other in-memory secrets, escalating to full domain or local administrator control. … |
| Remediation | Consult the Sharp/Dynabook security advisory at https://global.sharp/corporate/info/product-security/advisory-list/2026-003/ for the exact patched driver version; the input data does not specify a fixed version number, so a precise upgrade target cannot be confirmed independently. … Detailed patch versions, workarounds, and compensating controls in full report. |
Threat intelligence, references, and detailed analysis are available after sign-in.
Same technique Information Disclosure
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-39190
GHSA-62xh-mjg9-8qhv