CyberRota
← Ana sayfaya dön

CVE-2026-8049

MEDIUM · CVSS 5.3 EPSS %0.09

Kaynak: NVD + CISA KEV + EPSS · Yayınlanma: 2026-06-17T22:16:25.070 · Çekilme zamanı: 2026-06-30T12:25:59.683841+00:00

CyberRota Yorumu

Detaylı analiz gerekiyor.

CVE
CVE-2026-8049
Severity
MEDIUM
CVSS
5.3
EPSS
%0.09

Orijinal NVD Açıklaması

In SignalRGB versions prior to 1.3.7.0, the \\.\SignalIo device object is created without an explicit SDDL security descriptor and without FILE_DEVICE_SECURE_OPEN. This results in overly permissive default access control, allowing any authenticated local user to obtain a handle to the device and issue privileged IOCTLs.