CVE-2026-12217
7.8 HIGHA security vulnerability has been detected in DVDFab Virtual Drive 2.0.0.5
Published: 2026-06-15 · Last updated: 2026-06-15
Severity and scoring
- CVSS
- 7.8 HIGH
- Vector
- CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
- CWE
- CWE-266, CWE-269
Description
A security vulnerability has been detected in DVDFab Virtual Drive 2.0.0.5. Impacted is an unknown function in the library dvdfabio.sys of the component Signed Kernel Driver. The manipulation leads to improper privilege management. An attack has to be approached locally. The exploit has been disclosed publicly and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Source: NVD
References
- [NVD]https://nvd.nist.gov/vuln/detail/CVE-2026-12217
- [Other]https://vuldb.com/cve/CVE-2026-12217
- [Other]https://vuldb.com/submit/833857
- [Other]https://vuldb.com/vuln/370860
- [Other]https://vuldb.com/vuln/370860/cti
- [Other]https://winslow1984.com/books/cve-collection/page/dvdfab-virtual-drive-kernel-driver-dvdfabiosys-local-privilege-escalation
Related CVEs
Same CWE
- CVE-2026-12213 — A vulnerability was found in hcengineering Huly Platform up to 0.7.0 (4.3 MEDIUM)
- CVE-2026-12212 — A vulnerability has been found in hcengineering Huly Platform up to 0.7.0 (4.3 MEDIUM)
- CVE-2026-12201 — A flaw has been found in IObit Malware Fighter up to 13.2.0 (5.3 MEDIUM)
- CVE-2026-46716 — Nezha Monitoring is a self-hostable, lightweight, servers and websites monitoring and O&M tool (9.9 CRITICAL)
- CVE-2026-49060 — Incorrect Privilege Assignment vulnerability in Hippoo Mobile App for WooCommerce allows Privilege Escalation (9.8 CRITICAL)