๐Ÿ” CVE Alert

CVE-2026-14960

UNKNOWN 0.0

CVE-2026-14960

CVSS Score
0.0
EPSS Score
0.0%
EPSS Percentile
0th

Pegatron `Tdelo64.sys` improperly exposes privileged hardware access functionality through the `\\.\TdeIo` device interface. IOCTL handlers including `TDE_IOCTL_INDEXIO_READ` and `TDE_IOCTL_INDEXIO_WRITE` permit unprivileged user-mode callers to perform arbitrary hardware I/O port reads and writes without authorization checks. A local attacker can abuse this functionality to manipulate hardware registers, tamper with firmware-related interfaces, cause system instability, or establish persistent low-level compromise.

Vendor pegatron corp.
Product tdelo64.sys
Published Jul 15, 2026
Last Updated Jul 15, 2026
Stay Ahead of the Next One

Get instant alerts for pegatron corp. tdelo64.sys

Be the first to know when new unknown vulnerabilities affecting pegatron corp. tdelo64.sys are published โ€” delivered to Slack, Telegram or Discord.

Get Free Alerts โ†’ Free ยท No credit card ยท 60 sec setup

Affected Versions

Pegatron Corp. / Tdelo64.sys
02-17-2025 โ‰ค 02-17-2025

References

NVD โ†— CVE.org โ†— EPSS Data โ†—
kb.cert.org: https://kb.cert.org/vuls/id/529388