Skip to main content

FluxInk Color Driver CVE-2026-58583

| EUVDEUVD-2026-42094 HIGH
Improper Privilege Management (CWE-269)
2026-07-07 cisa-cg GHSA-g73c-jxmq-7fh5
8.4
CVSS 4.0 · Vendor: cisa-cg
Share

Severity by source

Vendor (cisa-cg) PRIMARY
8.4 HIGH
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
vuln.today AI
8.8 HIGH

Local standard-user access (AV:L, PR:L) reliably yields arbitrary physical-memory read/write across the kernel boundary (S:C), giving full C/I/A including crash-induced availability loss.

3.1 AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
4.0 AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Primary rating from Vendor (cisa-cg).

CVSS VectorVendor: cisa-cg

CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Attack Vector
Local
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
X

Lifecycle Timeline

4
Patch available
Jul 07, 2026 - 22:01 EUVD
Analysis Generated
Jul 07, 2026 - 21:26 vuln.today
CVSS changed
Jul 07, 2026 - 21:22 NVD
7.1 (HIGH) 8.4 (HIGH)
CVE Published
Jul 07, 2026 - 20:33 cve.org
HIGH 8.4

DescriptionCVE.org

FluxInk (formerly Sunia SPB Peripheral) Color Management Driver (TcnPeripheral64.sys) 1.0.7.2 allows local privilege escalation for a standard user account via arbitrary physical memory mapping at \Device\PhysicalMemory. Fixed in version 1.0.7.6. The fixed driver is currently available in the Windows 11 25H2 HLK (Hardware Lab Kit). The fixed driver may be available through Windows Update or from Lenovo directly.

AnalysisAI

Local privilege escalation in the FluxInk (formerly Sunia SPB Peripheral) Color Management Driver TcnPeripheral64.sys version 1.0.7.2 lets a standard user map arbitrary physical memory via the \Device\PhysicalMemory object and gain kernel-level control. The flaw affects Lenovo systems shipping this signed color-management driver and is fixed in version 1.0.7.6. …

Unlock full vulnerability intelligence

  • Risk assessment & exploitation conditions
  • Attack chain visualization
  • Remediation with exact patch versions
  • Threat intelligence from 22 sources
  • Personal watchlist & email alerts

Free forever · No credit card required

Attack ChainAIDerived

Hypothetical attack flow derived from CVE metadata

Access
Obtain standard-user local session
Delivery
Open TcnPeripheral64.sys device interface
Exploit
Map \Device\PhysicalMemory
Execution
Read/write kernel token structures
Impact
Escalate process to SYSTEM

Vulnerability AssessmentAI

Exploitation Requires local code execution as an authenticated standard user (CVSS PR:L) on a system where the FluxInk/Sunia Color Management Driver TcnPeripheral64.sys version 1.0.7.2 is installed and its device object is accessible. … Additional conditions and limiting factors are described in the full assessment.
Risk Assessment This is a genuine, high-priority local escalation on affected hosts. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in.
Exploit Scenario A standard user (or malware already running as an unprivileged user) opens the TcnPeripheral64.sys device interface and requests a mapping of \Device\PhysicalMemory, then uses the resulting arbitrary read/write over physical RAM to patch its own process token or kernel structures and become SYSTEM. Public POC code (github.com/b3s3da/TcnPeripheral64_PoC) demonstrates the primitive, making weaponization straightforward. …
Remediation Vendor-released patch: 1.0.7.6 - upgrade the FluxInk/Sunia Color Management Driver to version 1.0.7.6, which the advisory states is available in the Windows 11 25H2 HLK (Hardware Lab Kit) and may be delivered via Windows Update or directly from Lenovo. … Detailed patch versions, workarounds, and compensating controls in full report.

Recommended ActionAI

Within 24 hours: Scan environment for Lenovo systems with TcnPeripheral64.sys version 1.0.7.2 and document affected asset inventory. …

Sign in for detailed remediation steps and compensating controls.

Threat intelligence, references, and detailed analysis are available after sign-in.

Share

CVE-2026-58583 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy