Back to CVE List

CVE-2026-58583

HIGH SEVERITY

CVSS Score & Metrics

Base Score
7.1 / 10
Vector String
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N

Vulnerability Description

FluxInk (formerly Sunia SPB Peripheral) Color Management Driver (TcnPeripheral64.sys) 1.0.7.2 allows local privilege escalation for a standard user account via arbitrary physical memory mapping at \Device\PhysicalMemory. Fixed in version 1.0.7.6. The fixed driver is currently available in the Windows 11 25H2 HLK (Hardware Lab Kit). The fixed driver may be available through Windows Update or from Lenovo directly.

Vulnerability Details

Published Date
Last Modified
CWE ID
CWE-269
Source
NVD
Vendor
FluxInk
Product
Color Management Driver

External References

Discussion (0)

Add Comment

No comments yet. Be the first!