CVE-2026-12193

Description

A vulnerability was identified in VS Revo RevoUninstaller 2.5.x/2.6.x. The affected element is the function IOCtl_Handler in the library RevoDetector.sys of the component IOCTL Handler. Such manipulation leads to heap-based buffer overflow. The attack must be carried out locally. The exploit is publicly available and might be used. Upgrading to version 2.7.0 is sufficient to fix this issue. It is recommended to upgrade the affected component.

PUBLISHED Reserved 2026-06-14 | Published 2026-06-14 | Updated 2026-06-15 | Assigner VulDB

Problem types

Heap-based Buffer Overflow

Memory Corruption

Product status

Timeline

Credits

Jordanhiggins (VulDB User) reporter

References

vuldb.com/vuln/370839 (VDB-370839 | VS Revo RevoUninstaller IOCTL RevoDetector.sys IOCtl_Handler heap-based overflow) vdb-entry technical-description

vuldb.com/vuln/370839/cti (VDB-370839 | CTI Indicators (IOB, IOC, IOA)) signature permissions-required

vuldb.com/cve/CVE-2026-12193 (CVE-2026-12193 | CVE Analysis and Report) third-party-advisory

vuldb.com/submit/829132 (Submit #829132 | VS REVO GROUP RevoUninstaller <2.7.0 >2.5.0 Heap-based Buffer Overflow) third-party-advisory

vuldb.com/submit/829133 (Submit #829133 | VS REVO GROUP RevoUninstaller <2.7.0 >2.5.0 Heap-based Buffer Overflow (Duplicate)) third-party-advisory

jordanhiggins.blog/revouninstaller-pool-overflow-exploit/ broken-link exploit

github.com/Kalagious/RevoDetectorExploit/tree/master exploit

www.revouninstaller.com/start-freeware-download/ patch

vandalsuidaho-my.sharepoint.com/...-admcJyl5ITzYhu0?e=4Ywwza related

youtu.be/JR0KPjWRTns?si=Ff2bUDvv3butJyfP media-coverage

cve.org (CVE-2026-12193)

nvd.nist.gov (CVE-2026-12193)

Download JSON