CVE-2026-56129
5.5
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
Summary
Generic IO & Memory Access driver for PCs provided by TOSHIBA CORPORATION and Dynabook Inc. exposes its IOCTL with insufficient access control. A logged-in user with no administrative privilege may access physical memory.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Dynabook Inc. | Generic IO & Memory Access driver | all versions | affected |
| TOSHIBA CORPORATION | Generic IO & Memory Access driver | all versions | affected |
Weaknesses
- CWE-782: Exposed IOCTL with insufficient access control
ADP Enrichment
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: no
- Technical Impact: partial
References
- https://global.sharp/corporate/info/product-security/advisory-list/2026-003/
- https://corporate.jp.sharp/info/product-security/advisory-list/2026-003/
- https://jvn.jp/en/vu/JVNVU91051826/
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.