CVE-2026-35553
Received Received - Intake
Stack-Based Buffer Overflow in Dynabook Bluetooth ACPI Drivers

Publication date: 2026-04-13

Last updated on: 2026-04-13

Assigner: JPCERT/CC

Description
Bluetooth ACPI Drivers provided by Dynabook Inc. contain a stack-based buffer overflow vulnerability. An attacker may execute arbitrary code by modifying certain registry values.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-04-13
Last Modified
2026-04-13
Generated
2026-06-16
AI Q&A
2026-04-13
EPSS Evaluated
2026-06-15
NVD
CVE-2026-35553
EUVD
EUVD-2026-21848
Affected Vendors & Products
Showing 2 associated CPEs
Vendor Product Version / Range
dynabook bluetooth_acpi_drivers to 11.0.0.0 (exc)
dynabook bluetooth_acpi_drivers 11.0.2.3
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-121 A stack-based buffer overflow condition is a condition where the buffer being overwritten is allocated on the stack (i.e., is a local variable or, rarely, a parameter to a function).
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Detection Guidance

This vulnerability affects Dynabook Inc.'s Bluetooth ACPI drivers, specifically TOSRFEC.SYS (all versions) and DRFEC.SYS version 11.0.0.0 and earlier. Detection involves identifying the presence and version of these drivers on your system.

You can check the driver versions on a Windows system using the following commands:

  • Open an elevated Command Prompt or PowerShell and run: 1) To list the driver files and their versions: - `wmic sysdriver where "name like '%DRFEC%' or name like '%TOSRFEC%'" get name,pathname,displayname,started,state` - `powershell "Get-ItemProperty -Path 'HKLM:\SYSTEM\CurrentControlSet\Services\DRFEC' | Select-Object -Property ImagePath,DisplayName"`
  • Alternatively, use Device Manager to locate the Bluetooth ACPI driver and check its properties for the driver version.

If the driver version is 11.0.0.0 or earlier for DRFEC.SYS, or any version for TOSRFEC.SYS, the system is vulnerable.

Executive Summary

CVE-2026-35553 is a stack-based buffer overflow vulnerability found in Dynabook Inc.'s Bluetooth ACPI drivers, specifically affecting the TOSRFEC.SYS driver (all versions) and DRFEC.SYS driver version 11.0.0.0 and earlier.

This vulnerability allows an attacker who already has high privileges and local access to the system to execute arbitrary code by modifying certain registry values.

Impact Analysis

An attacker with high privileges and local access can exploit this vulnerability to execute arbitrary code on the affected system without user interaction.

This can lead to full compromise of the system, including unauthorized control over system functions, data modification, or disruption of services.

Mitigation Strategies

To mitigate this vulnerability, you should update the affected Bluetooth ACPI drivers to a safe version.

  • Update the DRFEC.SYS driver to version 11.0.2.3 or later as provided by Dynabook Inc.
  • If TOSRFEC.SYS is installed, updating it will automatically replace it with the DRFEC.SYS driver.
  • Use Windows Update or the Dynabook support website to obtain and install the updated drivers.

Applying these updates will prevent attackers with high privileges from exploiting the stack-based buffer overflow vulnerability to execute arbitrary code.

Compliance Impact

The provided information does not specify how the CVE-2026-35553 vulnerability affects compliance with common standards and regulations such as GDPR or HIPAA.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-35553. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart