Skip to main content

Catchpulse EUVDEUVD-2026-43247

| CVE-2026-15506 HIGH
Heap-based Buffer Overflow (CWE-122)
2026-07-12 VulDB GHSA-j5fg-5g4v-6437
7.1
CVSS 4.0 · Vendor: VulDB
Share

Severity by source

Vendor (VulDB) PRIMARY
7.1 HIGH
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
vuln.today AI
7.8 HIGH

Local kernel-driver flaw reachable by an authenticated low-privileged user via IOCTL with no user interaction (AV:L/PR:L/UI:N); kernel code execution yields full C/I/A impact, scope unchanged.

3.1 AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
4.0 AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Primary rating from Vendor (VulDB).

CVSS VectorVendor: VulDB

CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Attack Vector
Local
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
X

Lifecycle Timeline

5
Analysis Updated
Jul 12, 2026 - 22:29 vuln.today
v3 (cvss_changed)
Analysis Updated
Jul 12, 2026 - 22:29 vuln.today
v2 (cvss_changed)
Re-analysis Queued
Jul 12, 2026 - 22:22 vuln.today
cvss_changed
CVSS changed
Jul 12, 2026 - 22:22 NVD
8.5 (HIGH) 7.1 (HIGH)
Analysis Generated
Jul 12, 2026 - 22:16 vuln.today

DescriptionCVE.org

A security vulnerability has been detected in SecureAge CatchPulse up to 10.9.3. The affected element is an unknown function in the library saappctl.sys of the component Driver. Such manipulation leads to heap-based buffer overflow. An attack has to be approached locally. The exploit has been disclosed publicly and may be used. The vendor was contacted early about this disclosure.

AnalysisAI

Local privilege escalation in SecureAge CatchPulse endpoint protection (versions up to and including 10.9.3) stems from a heap-based buffer overflow in the kernel driver saappctl.sys, where an authenticated local user can corrupt kernel heap memory to gain code execution at ring 0. Publicly available exploit code exists (demonstrated in a YouTube proof-of-concept), but there is no public exploit identified as being used in active attacks and the issue is not on CISA KEV. …

Unlock full vulnerability intelligence

  • Risk assessment & exploitation conditions
  • Attack chain visualization
  • Remediation with exact patch versions
  • Threat intelligence from 22 sources
  • Personal watchlist & email alerts

Free forever · No credit card required

Recommended ActionAI

24 hours: Audit all endpoints running SecureAge CatchPulse 10.9.3 or earlier; restrict local login access to essential personnel only and enforce strong authentication. …

Sign in for detailed remediation steps and compensating controls.

Threat intelligence, references, and detailed analysis are available after sign-in.

Share

EUVD-2026-43247 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy