Skip to main content

Tdelo64 Sys EUVDEUVD-2026-44730

| CVE-2026-14960
2026-07-15 certcc GHSA-vgx6-wf36-3h9h

Lifecycle Timeline

1
CVE Published
Jul 15, 2026 - 17:08 cve.org
UNKNOWN (no severity yet)

DescriptionCVE.org

Pegatron Tdelo64.sys improperly exposes privileged hardware access functionality through the \\.\TdeIo device interface. IOCTL handlers including TDE_IOCTL_INDEXIO_READ and TDE_IOCTL_INDEXIO_WRITE permit unprivileged user-mode callers to perform arbitrary hardware I/O port reads and writes without authorization checks. A local attacker can abuse this functionality to manipulate hardware registers, tamper with firmware-related interfaces, cause system instability, or establish persistent low-level compromise.

Analysis

Pegatron Tdelo64.sys improperly exposes privileged hardware access functionality through the \\.\TdeIo device interface. IOCTL handlers including TDE_IOCTL_INDEXIO_READ and TDE_IOCTL_INDEXIO_WRITE permit unprivileged user-mode callers to perform arbitrary hardware I/O port reads and writes without authorization checks. …

Unlock full vulnerability intelligence

  • Risk assessment & exploitation conditions
  • Attack chain visualization
  • Remediation with exact patch versions
  • Threat intelligence from 22 sources
  • Personal watchlist & email alerts

Free forever · No credit card required

Threat intelligence, references, and detailed analysis are available after sign-in.

Share

EUVD-2026-44730 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy