Skip to main content

Engineering Toolkits

1 CVEs product

Monthly

CVE-2026-3437 CRITICAL Act Now

Local privilege escalation in Portwell Engineering Toolkits 4.8.2 stems from a kernel driver that exposes unchecked arbitrary memory read/write primitives to authenticated users. An attacker already logged onto an affected industrial/embedded host can corrupt kernel memory to elevate to SYSTEM-level control or crash the machine. No public exploit has been identified and the EPSS score is very low (0.02%, 3rd percentile), indicating no current evidence of opportunistic exploitation; this was reported through CISA's ICS-CERT rather than via observed in-the-wild activity.

Engineering Toolkits Buffer Overflow
NVD GitHub VulDB
CVSS 4.0
9.3
EPSS
0.0%
EPSS 0% CVSS 9.3
CRITICAL Act Now

Local privilege escalation in Portwell Engineering Toolkits 4.8.2 stems from a kernel driver that exposes unchecked arbitrary memory read/write primitives to authenticated users. An attacker already logged onto an affected industrial/embedded host can corrupt kernel memory to elevate to SYSTEM-level control or crash the machine. No public exploit has been identified and the EPSS score is very low (0.02%, 3rd percentile), indicating no current evidence of opportunistic exploitation; this was reported through CISA's ICS-CERT rather than via observed in-the-wild activity.

Engineering Toolkits Buffer Overflow
NVD GitHub VulDB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy