Engineering Toolkits
Monthly
Local privilege escalation in Portwell Engineering Toolkits 4.8.2 stems from a kernel driver that exposes unchecked arbitrary memory read/write primitives to authenticated users. An attacker already logged onto an affected industrial/embedded host can corrupt kernel memory to elevate to SYSTEM-level control or crash the machine. No public exploit has been identified and the EPSS score is very low (0.02%, 3rd percentile), indicating no current evidence of opportunistic exploitation; this was reported through CISA's ICS-CERT rather than via observed in-the-wild activity.
Local privilege escalation in Portwell Engineering Toolkits 4.8.2 stems from a kernel driver that exposes unchecked arbitrary memory read/write primitives to authenticated users. An attacker already logged onto an affected industrial/embedded host can corrupt kernel memory to elevate to SYSTEM-level control or crash the machine. No public exploit has been identified and the EPSS score is very low (0.02%, 3rd percentile), indicating no current evidence of opportunistic exploitation; this was reported through CISA's ICS-CERT rather than via observed in-the-wild activity.