Severity by source
AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Local kernel driver crash only; PR:L because standard users can reach the driver via IOCTL; no confidentiality or integrity impact applies.
Primary rating from Vendor (certcc).
CVSS VectorVendor: certcc
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
Lifecycle Timeline
3DescriptionCVE.org
A NULL pointer dereference vulnerability for driver GFAC_Sys_x64.sys in Little Orbit GFAC allows a local attacker to cause a denial of service via crafted requests that trigger a system crash.
AnalysisAI
NULL pointer dereference in the GFAC_Sys_x64.sys kernel driver of Little Orbit's GameFirst Anti-Cheat enables a local low-privileged attacker to crash the entire Windows system by sending crafted requests to the driver. All versions released up to 2025-07-07 are affected per EUVD-2026-41377. …
Unlock full vulnerability intelligence
- Risk assessment & exploitation conditions
- Attack chain visualization
- Remediation with exact patch versions
- Threat intelligence from 22 sources
- Personal watchlist & email alerts
Free forever · No credit card required
Attack ChainAIDerived
Hypothetical attack flow derived from CVE metadata
Vulnerability AssessmentAI
| Exploitation | Exploitation requires an interactive local session or existing code execution on the target Windows system with at least standard (low-privilege) user credentials - confirmed by the CVSS vector PR:L and AV:L. … Additional conditions and limiting factors are described in the full assessment. |
| Risk Assessment | The NVD CVSS vector CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H scores 5.5 (Medium), reflecting a local, low-complexity, low-privilege attack with high availability impact confined to the affected host (S:U). … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in. |
| Exploit Scenario | A local user on a Windows gaming machine with GameFirst Anti-Cheat installed crafts malformed IOCTL requests and submits them to the GFAC_Sys_x64.sys kernel driver using the public PoC available at https://github.com/FzRsLLaSheR/CVE-2026-12166_CVE-2026-12167_CVE-2026-12168. The driver's failure to validate the request triggers a NULL pointer dereference in kernel space, causing an immediate Blue Screen of Death and forcing a system reboot. … |
| Remediation | No specific patched version number has been identified in the available data, so a vendor-confirmed fix version cannot be cited. … Detailed patch versions, workarounds, and compensating controls in full report. |
Threat intelligence, references, and detailed analysis are available after sign-in.
More in Gamefirst Anti Cheat
View allLocal privilege escalation in Little Orbit's GameFirst Anti-Cheat (GFAC) lets a low-privileged user reach SYSTEM and run
Local privilege escalation in Little Orbit's GameFirst Anti-Cheat (GFAC) kernel driver GFAC_Sys_x64.sys allows an unpriv
Same technique Denial Of Service
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-41377
GHSA-rp8q-7vcj-j55j