CVE-2026-12193

HIGH

VS Revo RevoUninstaller IOCTL RevoDetector.sys IOCtl_Handler heap-based overflow

Title source: cna

Description

A vulnerability was identified in VS Revo RevoUninstaller 2.5.x/2.6.x. It affects the function IOCtl_Handler in the library RevoDetector.sys of the component IOCTL Handler. Manipulation of this function leads to a heap-based buffer overflow. The attack must be carried out locally. The exploit is publicly available and might be used. Upgrading the affected component to version 2.7.0 is recommended and is sufficient to fix this issue.

References (10)

Core References
Vdb Entry, Technical Description
VDB-370839 | VS Revo RevoUninstaller IOCTL RevoDetector.sys IOCtl_Handler heap-based overflow
https://vuldb.com/vuln/370839
Signature, Permissions Required
VDB-370839 | CTI Indicators (IOB, IOC, IOA)
https://vuldb.com/vuln/370839/cti
Third Party Advisory
CVE-2026-12193 | CVE Analysis and Report
https://vuldb.com/cve/CVE-2026-12193
Third Party Advisory
Submit #829132 | VS REVO GROUP RevoUninstaller 2.5.0 Heap-based Buffer Overflow
https://vuldb.com/submit/829132
Third Party Advisory
Submit #829133 | VS REVO GROUP RevoUninstaller 2.5.0 Heap-based Buffer Overflow (Duplicate)
https://vuldb.com/submit/829133
Media Coverage
https://youtu.be/JR0KPjWRTns?si=Ff2bUDvv3butJyfP

Scores

CVSS v3 7.8
EPSS 0.0019
EPSS Percentile 8.7%
Attack Vector LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment
Exploitation none
Automatable no
Technical Impact total

Details

CWE
CWE-119 CWE-122
Status published
Products (3)
VS Revo/RevoUninstaller 2.5.*
VS Revo/RevoUninstaller 2.6.*
VS Revo/RevoUninstaller 2.7.0
Published Jun 15, 2026
Tracked Since Jun 15, 2026