CVE Catalog

CVE-2026-0138

HighCVSS 7.8
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.07%

0th percentile - higher than 0% of all known CVEs

Summary

In the lwis_io_buffer_write function of lwis_io_buffer.c, there is a possible out of bounds write due to memory corruption. This could lead to local escalation of privilege with System execution privileges needed.

Risk Assessment

This vulnerability could allow an attacker to gain higher privileges on the system, posing a serious security threat to the organization.

Recommendation

It is recommended to update the software to the latest version to mitigate this vulnerability and to monitor systems for unauthorized activities.

Original NVD description (English source)

In lwis_io_buffer_write of lwis_io_buffer.c, there is a possible out of bounds write due to memory corruption. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS