CVE-2026-12786
HighCVSS 7.8Exploitation Probability (EPSS)
Low risk2th percentile — higher than 2% of all known CVEs
Summary
A vulnerability has been found in Ezbsystems UltraISO Premium Edition up to version 9.76, affecting some unknown functionality in the library bootpt64.sys of the Kernel Driver component. Manipulation leads to improper access controls.
Risk Assessment
The attack requires local access, which limits the risk; however, the public disclosure of the exploit may increase the threat to systems that have not been updated.
Recommendation
It is recommended to update to the latest version of UltraISO Premium Edition to eliminate this vulnerability and to monitor systems for unauthorized access.
Original NVD description (English source)
A vulnerability has been found in Ezbsystems UltraISO Premium Edition up to 9.76. Affected by this issue is some unknown functionality in the library bootpt64.sys of the component Kernel Driver. The manipulation leads to improper access controls. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

