EIP-2026-118029

PRE-CVE

Trend Micro Titanium Maximum Security 2011 - Local Kernel

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-118029. PoCs published by Nikita Tarakanov.

AI-analyzed exploit summary This exploit targets a pointer overwrite vulnerability in the tmtdi.sys kernel driver of Trend Micro Titanium Maximum Security 2011 via IOCTL 0x220404, allowing arbitrary kernel code execution. It includes shellcode for privilege escalation by token stealing across multiple Windows versions.

Description

Trend Micro Titanium Maximum Security 2011 - Local Kernel

Exploits (1)

exploitdb WORKING POC VERIFIED

by Nikita Tarakanov · clocalwindows

https://www.exploit-db.com/exploits/15376

View Code ZIP pw:eip

This exploit targets a pointer overwrite vulnerability in the tmtdi.sys kernel driver of Trend Micro Titanium Maximum Security 2011 via IOCTL 0x220404, allowing arbitrary kernel code execution. It includes shellcode for privilege escalation by token stealing across multiple Windows versions.

Classification

Working Poc 95%

Attack Type

Lpe

Complexity

Moderate

Reliability

Reliable

Target: Trend Micro Titanium Maximum Security 2011 (tmtdi.sys version 6.5.0.1234)

No auth needed

Prerequisites: Local access to the vulnerable system · Trend Micro Titanium Maximum Security 2011 installed

MITRE ATT&CK

T1068 - Exploitation for Privilege Escalation T1055 - Process Injection

devstral-2 · analyzed Feb 16, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026