CVE-2026-12217

CVE Database · CVE-2026-12217

CVE-2026-12217

· HIGHReceived

CVSS v3.1

7.8

CVSS v4.0

7.1

EPSS

0.11%

Published

Jun 15, 2026

Modified

Jun 15, 2026

Public PoC / Exploit

All weaponized →

No public PoC or exploit code indexed for this CVE.

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

A security vulnerability has been detected in DVDFab Virtual Drive 2.0.0.5. Impacted is an unknown function in the library dvdfabio.sys of the component Signed Kernel Driver. The manipulation leads to improper privilege management. An attack has to be approached locally. The exploit has been disclosed publicly and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

CVSS Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Weaknesses (CWE)

CWE-266CWE-269

References (5)

https://vuldb.com/cve/CVE-2026-12217

https://vuldb.com/submit/833857

https://vuldb.com/vuln/370860

https://vuldb.com/vuln/370860/cti

https://winslow1984.com/books/cve-collection/page/dvdfab-virtual-drive-kernel-driver-dvdfabiosys-local-privilege-escalation

KEV Catalog EPSS Scores Vendors All CVEs