CVE-2026-36425
Severity CVSS v4.0:
Pending analysis
Type:
CWE-269
Improper Privilege Management
Publication date:
16/07/2026
Last modified:
17/07/2026
Description
An issue in OPSWAT AppRemover Driver (ardrv.sys) v2017.10.02.1551 and earlier in IOCTL handler 0x2420031. Any local user can open the device and send process termination requests without privilege validation.
Impact
Base Score 3.x
6.50
Severity 3.x
MEDIUM
References to Advisories, Solutions, and Tools
- https://github.com/redteamfortress/CVE-2026-36425
- https://www.opswat.com/products/oesis-framework/application-removal
- https://www.virustotal.com/gui/file/07c5209bf83065fe760f4fee4ed2308b0c523671f68ca73a3854c2c8c28c0541
- https://www.virustotal.com/gui/file/2248347b2ec49f07268a44816ebb6265677093ec277f825de1a76700ab25e3bc



