CVE-2026-12168
HIGHLittle Orbit GameFirst Anti-Cheat < 2025-07-07 - Arbitrary Code Execution
Title source: ruleExploitation Summary
EIP tracks 1 public exploit for CVE-2026-12168. PoCs published by FzRsLLaSheR.
AI-analyzed exploit summary Technical advisory detailing three local vulnerabilities in Little Orbit GFAC driver (GFAC_Sys_x64.sys), including a NULL pointer dereference (DoS), improper access control on a minifilter communication port, and an arbitrary kernel memory write (LPE to SYSTEM). The writeup provides root cause analysis, affected components, and mitigation recommendations but no exploit code.
Description
An improper validation vulnerability for driver `GFAC_Sys_x64.sys` in Little Orbit GFAC allows a local attacker to escalate privileges to SYSTEM and execute arbitrary code in kernel mode via crafted messages sent through a Minifilter communication port.
Exploits (1)
Technical advisory detailing three local vulnerabilities in Little Orbit GFAC driver (GFAC_Sys_x64.sys), including a NULL pointer dereference (DoS), improper access control on a minifilter communication port, and an arbitrary kernel memory write (LPE to SYSTEM). The writeup provides root cause analysis, affected components, and mitigation recommendations but no exploit code.
References (3)
Scores
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H