EIP-2026-117887

PRE-CVE

SafeGuard PrivateDisk 2.0/2.3 - 'privatediskm.sys' Multiple Local Security Bypass Vulnerabilities

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-117887. PoCs published by mu-b.

AI-analyzed exploit summary This exploit demonstrates a local security bypass vulnerability in SafeGuard PrivateDisk by sending a crafted IOCTL request to forcibly unmount a mounted volume. It iterates through session IDs to find the correct one for the target volume file.

Description

SafeGuard PrivateDisk 2.0/2.3 - 'privatediskm.sys' Multiple Local Security Bypass Vulnerabilities

Exploits (1)

exploitdb WORKING POC VERIFIED

by mu-b · clocalwindows

https://www.exploit-db.com/exploits/35189

View Code ZIP pw:eip

This exploit demonstrates a local security bypass vulnerability in SafeGuard PrivateDisk by sending a crafted IOCTL request to forcibly unmount a mounted volume. It iterates through session IDs to find the correct one for the target volume file.

Classification

Working Poc 95%

Attack Type

Auth Bypass

Complexity

Moderate

Reliability

Reliable

Target: SafeGuard PrivateDisk 2.0 and 2.3

No auth needed

Prerequisites: Physical access to the target system · SafeGuard PrivateDisk installed and running

MITRE ATT&CK

T1562.001 - Disable or Modify Tools

devstral-2 · analyzed Feb 18, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026