EIP-2026-116964

PRE-CVE

CloneCD/DVD 'ElbyCDIO.sys' < 6.0.3.2 - Local Privilege Escalation

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-116964. PoCs published by NT Internals.

AI-analyzed exploit summary This exploit targets a local privilege escalation vulnerability in the ElbyCDIO.sys driver used by multiple SlySoft products. The exploit leverages flawed input validation in the driver to escalate privileges on Windows systems.

Description

CloneCD/DVD 'ElbyCDIO.sys' < 6.0.3.2 - Local Privilege Escalation

Exploits (1)

exploitdb WORKING POC VERIFIED

by NT Internals · textlocalwindows

https://www.exploit-db.com/exploits/8250

View Code ZIP pw:eip

This exploit targets a local privilege escalation vulnerability in the ElbyCDIO.sys driver used by multiple SlySoft products. The exploit leverages flawed input validation in the driver to escalate privileges on Windows systems.

Classification

Working Poc 90%

Attack Type

Lpe

Complexity

Moderate

Reliability

Reliable

Target: ElbyCDIO.sys < 6.0.3.2 (CloneCD, CloneDVD, Virtual CloneDrive, AnyDVD, AnyDVD HD)

No auth needed

Prerequisites: Local access to the target system · Presence of vulnerable ElbyCDIO.sys driver

MITRE ATT&CK

T1068 - Exploitation for Privilege Escalation

devstral-2 · analyzed Feb 16, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026