PT-2026-50558 · Signalrgb · Signalrgb Kernel Driver

Published

2026-06-17

Updated

2026-06-17

CVE-2026-8049

None

No severity ratings or metrics are available. When they are, we'll update the corresponding info on the page.

In SignalRGB versions prior to 1.3.7.0, the .SignalIo device object is created without an explicit SDDL security descriptor and without FILE DEVICE SECURE OPEN. This results in overly permissive default access control, allowing any authenticated local user to obtain a handle to the device and issue privileged IOCTLs.

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2026-8049

Affected Products

Signalrgb Kernel Driver

PT-2026-50558 · Signalrgb · Signalrgb Kernel Driver

CVE-2026-8049

Related Identifiers

Affected Products

References · 1