CVE-2026-12217
HIGHDVDFab Virtual Drive Signed Kernel Driver dvdfabio.sys privileges management
Title source: cnaDescription
A security vulnerability has been detected in DVDFab Virtual Drive 2.0.0.5. Impacted is an unknown function in the library dvdfabio.sys of the component Signed Kernel Driver. The manipulation leads to improper privilege management. An attack has to be approached locally. The exploit has been disclosed publicly and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
References (5)
Core 5
Core References
Exploit exploit
https://winslow1984.com/books/cve-collection/page/dvdfab-virtual-drive-kernel-driver-dvdfabiosys-local-privilege-escalation
Vdb Entry vdb-entry
VDB-370860 | DVDFab Virtual Drive Signed Kernel Driver dvdfabio.sys privileges management
https://vuldb.com/vuln/370860
Signature, Permissions Required signature
permissions-required
VDB-370860 | CTI Indicators (IOB, IOC, TTP, IOA)
https://vuldb.com/vuln/370860/cti
Third Party Advisory third-party-advisory
CVE-2026-12217 | CVE Analysis and Report
https://vuldb.com/cve/CVE-2026-12217
Third Party Advisory third-party-advisory
Submit #833857 | DVDFab DVDFab Virtual Drive 2.0.0.5 Local Privilege Escapation
https://vuldb.com/submit/833857
Scores
CVSS v3
7.8
EPSS
0.0011
EPSS Percentile
1.6%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
CISA SSVC
Vulnrichment
Exploitation
poc
Automatable
no
Technical Impact
total
Details
CWE
CWE-266
CWE-269
Status
published
Products (1)
DVDFab/Virtual Drive
2.0.0.5
Published
Jun 15, 2026
Tracked Since
Jun 15, 2026