Skip to main content

Tdelo64 Sys

2 CVEs product

Monthly

CVE-2026-14961 MEDIUM This Month

Privilege escalation to NT AUTHORITY\SYSTEM is achievable on Windows systems hosting the Pegatron Tdelo64.sys kernel-mode driver, which exposes the \\.\TdeIo device interface without enforcing caller privilege checks or validating user-supplied kernel memory addresses in its IOCTL dispatcher. Any local user can open the device interface and send crafted IOCTL requests to perform arbitrary kernel memory read and write operations, enabling full system compromise including credential theft and security product bypass. No public exploit code or CISA KEV listing has been identified at time of analysis; the vulnerability was reported to CERT/CC (VU#529388), and the provided CVSS score of 6.2 materially understates the real-world impact given the described kernel write capability.

Privilege Escalation Tdelo64 Sys
NVD
CVSS 3.1
6.2
CVE-2026-14960 Awaiting Data

Pegatron `Tdelo64.sys` improperly exposes privileged hardware access functionality through the `\\.\TdeIo` device interface. IOCTL handlers including `TDE_IOCTL_INDEXIO_READ` and `TDE_IOCTL_INDEXIO_WRITE` permit unprivileged user-mode callers to perform arbitrary hardware I/O port reads and writes without authorization checks. A local attacker can abuse this functionality to manipulate hardware registers, tamper with firmware-related interfaces, cause system instability, or establish persistent low-level compromise.

Information Disclosure Tdelo64 Sys
NVD
CVSS 6.2
MEDIUM This Month

Privilege escalation to NT AUTHORITY\SYSTEM is achievable on Windows systems hosting the Pegatron Tdelo64.sys kernel-mode driver, which exposes the \\.\TdeIo device interface without enforcing caller privilege checks or validating user-supplied kernel memory addresses in its IOCTL dispatcher. Any local user can open the device interface and send crafted IOCTL requests to perform arbitrary kernel memory read and write operations, enabling full system compromise including credential theft and security product bypass. No public exploit code or CISA KEV listing has been identified at time of analysis; the vulnerability was reported to CERT/CC (VU#529388), and the provided CVSS score of 6.2 materially understates the real-world impact given the described kernel write capability.

Privilege Escalation Tdelo64 Sys
NVD
Awaiting Data

Pegatron `Tdelo64.sys` improperly exposes privileged hardware access functionality through the `\\.\TdeIo` device interface. IOCTL handlers including `TDE_IOCTL_INDEXIO_READ` and `TDE_IOCTL_INDEXIO_WRITE` permit unprivileged user-mode callers to perform arbitrary hardware I/O port reads and writes without authorization checks. A local attacker can abuse this functionality to manipulate hardware registers, tamper with firmware-related interfaces, cause system instability, or establish persistent low-level compromise.

Information Disclosure Tdelo64 Sys
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy