CVE-2026-8501 | THREATINT

Description

Improper access control in the PCTCore64.sys Windows kernel driver from PC Tools Internet Security allows user-mode processes to access the PCTCoreDriver WDM device interface and invoke privileged IOCTL handlers. A local attacker with the ability to access or load the affected driver can exploit this vulnerability to perform sensitive and privileged operations on the target system.

PUBLISHED Reserved 2026-05-13 | Published 2026-06-01 | Updated 2026-06-01 | Assigner certcc

Problem types

CWE-782: Exposed IOCTL with Insufficient Access Control

Product status

affected

References

www.kb.cert.org/vuls/id/158530

learn.microsoft.com/...rosoft-recommended-driver-block-rules

learn.microsoft.com/...curity-descriptor-definition-language

kb.cert.org/vuls/id/158530

cve.org (CVE-2026-8501)

nvd.nist.gov (CVE-2026-8501)

Download JSON