CVE-2026-14960
CVE-2026-14960
Pegatron `Tdelo64.sys` improperly exposes privileged hardware access functionality through the `\\.\TdeIo` device interface. IOCTL handlers including `TDE_IOCTL_INDEXIO_READ` and `TDE_IOCTL_INDEXIO_WRITE` permit unprivileged user-mode call…
Public proof-of-concept exploits
References
Frequently asked questions
- What is CVE-2026-14960?
- CVE-2026-14960 is a vulnerability, classified under CWE-284 IMPROPER ACCESS CONTROL. Published 2026-07-15.
- Is CVE-2026-14960 known to be exploited?
- 1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.