CVE-2026-30769

Published: Apr 29, 2026Modified: May 5, 2026

7.8

Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Exploitability: 1.8 / Impact: 5.9

Source: 134c704f-9b21-4f2e-91b3-4a467353bcc0 (Secondary)

Description

An issue in the TVicPort64.sys component of EnTech Taiwan TVicPort Product v4.0, File v5.2.1.0 allows attackers to escalate privileges via sending crafted IOCTL 0x80002008 requests.

Affected (1)

Products: Entechtaiwan: Tvicport

Entechtaiwan

1 product

Tvicport

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Entechtaiwan Tvicport	Version 5.2.1.0

Related CWEs

CWE-20

Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

CWE-269

Improper Privilege Management

The product does not properly assign, modify, track, or check privileges for an actor, creating an unintended sphere of control for that actor.

References (2)

https://gist.github.com/lleekkoo/6c73fa4e137aca6f5dfe6aec4f6a7b29

Source: cve@mitre.org

Third Party Advisory

https://www.entechtaiwan.com/dev/port/index.shtm

Source: cve@mitre.org

Product

Timeline

No history available yet.