CVE-2026-8501
Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
01/06/2026
Last modified:
01/06/2026
Description
Improper access control in the PCTCore64.sys Windows kernel driver from PC Tools Internet Security allows user-mode processes to access the PCTCoreDriver WDM device interface and invoke privileged IOCTL handlers. A local attacker with the ability to access or load the affected driver can exploit this vulnerability to perform sensitive and privileged operations on the target system.
Impact
Base Score 3.x
7.80
Severity 3.x
HIGH
References to Advisories, Solutions, and Tools
- https://kb.cert.org/vuls/id/158530
- https://learn.microsoft.com/en-us/windows/security/application-security/application-control/app-control-for-business/design/microsoft-recommended-driver-block-rules
- https://learn.microsoft.com/en-us/windows/win32/secauthz/security-descriptor-definition-language
- https://www.kb.cert.org/vuls/id/158530



