CVE-2026-12784

Summary

A weakness has been identified in IM-Magic Partition Resizer up to 7.9.0. This affects an unknown function in the library MDA_NTDRV.sys of the component Kernel Driver. This manipulation causes improper access controls. The attack requires local access. The exploit has been made available to the public and could be used for attacks. The vendor was contacted early about this disclosure but did not respond in any way.

Affected Software

VendorProductVersion RangeStatus
IM-MagicPartition Resizer7.0affected
IM-MagicPartition Resizer7.1affected
IM-MagicPartition Resizer7.2affected
IM-MagicPartition Resizer7.3affected
IM-MagicPartition Resizer7.4affected
IM-MagicPartition Resizer7.5affected
IM-MagicPartition Resizer7.6affected
IM-MagicPartition Resizer7.7affected
IM-MagicPartition Resizer7.8affected
IM-MagicPartition Resizer7.9.0affected

Weaknesses

  • CWE-284: Improper Access Controls
  • CWE-266: Incorrect Privilege Assignment

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: poc
    • Automatable: no
    • Technical Impact: total

References