Skip to main content

QILING Disk Master EUVDEUVD-2026-43198

| CVE-2026-15476 LOW
Improper Access Control (CWE-284)
2026-07-12 VulDB GHSA-fv2q-hqcx-c836
1.9
CVSS 4.0 · Vendor: VulDB

Severity by source

Vendor (VulDB) PRIMARY
1.9 MEDIUM
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
vuln.today AI
5.3 MEDIUM

AV:L and PR:L align with local low-priv exploitation; impact held at Low across CIA consistent with CVSS 4.0 VC:L/VI:L/VA:L, despite conflicting exploit-title claim of privilege escalation.

3.1 AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L
4.0 AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N

Primary rating from Vendor (VulDB).

CVSS VectorVendor: VulDB

CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Attack Vector
Local
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
X

Lifecycle Timeline

3
Severity Changed
Jul 12, 2026 - 04:22 NVD
MEDIUM LOW
CVSS changed
Jul 12, 2026 - 04:22 NVD
4.8 (MEDIUM) 1.9 (LOW)
Analysis Generated
Jul 12, 2026 - 03:58 vuln.today

DescriptionCVE.org

A security vulnerability has been detected in QILING Disk Master 6.0.0.0. The impacted element is an unknown function in the library diskbckp.sys of the component Kernel Driver. Such manipulation leads to improper access controls. The attack can only be performed from a local environment. The exploit has been disclosed publicly and may be used. It is suggested to upgrade the affected component.

AnalysisAI

Improper access control in the diskbckp.sys kernel driver of QILING Disk Master 6.0.0.0 allows local low-privileged users to bypass authorization checks and interact with privileged kernel driver functionality. Tagged as an authentication bypass, the flaw resides in an unknown function within the kernel driver component, enabling manipulation of access control logic without elevated credentials. …

Unlock full vulnerability intelligence

  • Risk assessment & exploitation conditions
  • Attack chain visualization
  • Remediation with exact patch versions
  • Threat intelligence from 22 sources
  • Personal watchlist & email alerts

Free forever · No credit card required

Attack ChainAIDerived

Hypothetical attack flow derived from CVE metadata

Access
Obtain local user session on target Windows host
Delivery
Verify diskbckp.sys driver service is running
Exploit
Craft malicious IOCTL payload using PoC
Execution
Invoke DeviceIoControl bypassing access checks
Persist
Perform unauthorized privileged kernel driver operations
Impact
Escalate privileges or manipulate backup state

Vulnerability AssessmentAI

Exploitation The attacker must have a local interactive or programmatic session (e.g., shell, RDP, or console access) on a Windows system with QILING Disk Master 6.0.0.0 installed and the diskbckp.sys kernel driver actively loaded and running as a service. … Additional conditions and limiting factors are described in the full assessment.
Risk Assessment The CVSS 4.0 vector (AV:L/AC:L/AT:N/PR:L/UI:N/E:P) scores 4.8, reflecting local exploitation by a low-privileged user with no attack requirements and a publicly available proof-of-concept. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in.
Exploit Scenario A standard-privileged Windows user on a machine with QILING Disk Master 6.0.0.0 installed and the diskbckp.sys driver service running invokes a crafted IOCTL via the Windows DeviceIoControl API, bypassing the driver's access control checks without requiring administrative credentials. Using the publicly disclosed PoC documented at https://winslow1984.com/books/cve-collection/page/qiling-disk-master-kernel-driver-diskbckpsys-6-0-0-0-local-privilege-escalation, the attacker manipulates kernel-level operations to achieve privilege escalation or unauthorized disk backup manipulation. …
Remediation The vendor has released a patched build available for download at https://www.idiskhome.com/download/beta/multi_DiskMaster_Pro_Trial.exe - users should upgrade immediately. … Detailed patch versions, workarounds, and compensating controls in full report.

Threat intelligence, references, and detailed analysis are available after sign-in.

Share

EUVD-2026-43198 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy