CVE-2026-29923

HIGH

EnTech Taiwan PowerStrip <=3.90.736 - Privilege Escalation

Title source: llm

Description

The pstrip64.sys driver in EnTech Taiwan PowerStrip <=3.90.736 allows local users to escalate privileges to SYSTEM via a crafted IOCTL request enabling unprivileged users to map arbitrary physical memory into their address space and modify critical kernel structures.

Exploits (2)

nomisec WRITEUP 2 stars

by Smarttfoxx · poc

https://github.com/Smarttfoxx/CVE-2026-29923

View Code ZIP pw:eip

nomisec WORKING POC

by athenasec16 · poc

https://github.com/athenasec16/CVE-2026-29923

View Code ZIP pw:eip

References (2)

https://entechtaiwan.com/util/ps.shtm

https://packetstorm.news/files/id/218394/

Scores

CVSS v3 7.8

EPSS 0.0001

EPSS Percentile 2.3%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Details

CWE

CWE-269

Status published

Published Apr 09, 2026

Tracked Since Apr 10, 2026