Skip to main content

Xigncode3 Anti Cheat

1 CVEs product

Monthly

CVE-2026-3609 HIGH This Week

Local privilege escalation in Wellbia XIGNCODE3 anti-cheat driver (xhunter1.sys) allows any low-privileged user process to obtain a PROCESS_ALL_ACCESS handle to arbitrary processes by sending the IRP_MJ_REITS command to the kernel driver. Because XIGNCODE3 is bundled with many online games and runs with kernel privileges, a local attacker on an affected gaming system can hijack high-integrity processes including LSASS. Publicly available exploit code exists in the form of a detailed write-up, though EPSS exploitation probability remains very low at 0.02%.

Privilege Escalation Xigncode3 Anti Cheat
NVD
CVSS 3.1
7.8
EPSS
0.0%
EPSS 0% CVSS 7.8
HIGH This Week

Local privilege escalation in Wellbia XIGNCODE3 anti-cheat driver (xhunter1.sys) allows any low-privileged user process to obtain a PROCESS_ALL_ACCESS handle to arbitrary processes by sending the IRP_MJ_REITS command to the kernel driver. Because XIGNCODE3 is bundled with many online games and runs with kernel privileges, a local attacker on an affected gaming system can hijack high-integrity processes including LSASS. Publicly available exploit code exists in the form of a detailed write-up, though EPSS exploitation probability remains very low at 0.02%.

Privilege Escalation Xigncode3 Anti Cheat
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy