CVE-2026-14960
CVE-2026-14960
CVSS Score
0.0
EPSS Score
0.0%
EPSS Percentile
0th
Pegatron `Tdelo64.sys` improperly exposes privileged hardware access functionality through the `\\.\TdeIo` device interface. IOCTL handlers including `TDE_IOCTL_INDEXIO_READ` and `TDE_IOCTL_INDEXIO_WRITE` permit unprivileged user-mode callers to perform arbitrary hardware I/O port reads and writes without authorization checks. A local attacker can abuse this functionality to manipulate hardware registers, tamper with firmware-related interfaces, cause system instability, or establish persistent low-level compromise.
| Vendor | pegatron corp. |
| Product | tdelo64.sys |
| Published | Jul 15, 2026 |
| Last Updated | Jul 15, 2026 |
Stay Ahead of the Next One
Get instant alerts for pegatron corp. tdelo64.sys
Be the first to know when new unknown vulnerabilities affecting pegatron corp. tdelo64.sys are published โ delivered to Slack, Telegram or Discord.
Get Free Alerts โ
Free ยท No credit card ยท 60 sec setup
Affected Versions
Pegatron Corp. / Tdelo64.sys
02-17-2025 โค 02-17-2025