CVE Catalog

CVE-2026-12786

HighCVSS 7.8
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.11%

2th percentile — higher than 2% of all known CVEs

Summary

A vulnerability has been found in Ezbsystems UltraISO Premium Edition up to version 9.76, affecting some unknown functionality in the library bootpt64.sys of the Kernel Driver component. Manipulation leads to improper access controls.

Risk Assessment

The attack requires local access, which limits the risk; however, the public disclosure of the exploit may increase the threat to systems that have not been updated.

Recommendation

It is recommended to update to the latest version of UltraISO Premium Edition to eliminate this vulnerability and to monitor systems for unauthorized access.

Original NVD description (English source)

A vulnerability has been found in Ezbsystems UltraISO Premium Edition up to 9.76. Affected by this issue is some unknown functionality in the library bootpt64.sys of the component Kernel Driver. The manipulation leads to improper access controls. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS