CVE-2026-61389
Received Received - Intake

Out-of-Bounds Write in Productivity Suite Kernel

Vulnerability report for CVE-2026-61389, including description, CVSS score, EPSS score, affected products, exploitability, helpful resources, and attack-flow context.

Publication date: 2026-07-16

Last updated on: 2026-07-16

Assigner: ICS-CERT

Description

An out-of-bounds write vulnerability in the Productivity Suite allows a local attacker to trigger kernel memory corruption via a crafted IOCTL request, potentially resulting in privilege escalation or system instability.

CVSS Scores

EPSS Scores

Probability:
Percentile:

Meta Information

Published
2026-07-16
Last Modified
2026-07-16
Generated
2026-07-17
AI Q&A
2026-07-16
EPSS Evaluated
N/A
NVD
EUVD

Affected Vendors & Products

Currently, no data is known.

Helpful Resources

Exploitability

CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-787 The product writes data past the end, or before the beginning, of the intended buffer.

Attack-Flow Graph

AI Quick Actions

Instant insights powered by AI
Executive Summary

This is an out-of-bounds write vulnerability in the Productivity Suite that allows a local attacker to corrupt kernel memory by sending a specially crafted IOCTL request. This could lead to privilege escalation or system instability.

Detection Guidance

This vulnerability involves an out-of-bounds write in the Productivity Suite triggered by a crafted IOCTL request. Detection requires monitoring for unusual kernel memory corruption or privilege escalation events. Check system logs for IOCTL-related errors or kernel panics. Use tools like 'dmesg' to inspect kernel logs for memory corruption signs. No specific commands are provided in the context.

Impact Analysis

A local attacker could exploit this to gain higher privileges on your system or cause it to become unstable, potentially leading to crashes or denial of service.

Compliance Impact

This vulnerability could potentially impact compliance with GDPR and HIPAA by enabling unauthorized privilege escalation or system instability. Local attackers exploiting the out-of-bounds write flaw may gain elevated access, risking data breaches or unauthorized modifications to sensitive information.

Mitigation Strategies

Apply vendor-provided patches or updates for the Productivity Suite to address the out-of-bounds write vulnerability. Disable or restrict access to the affected IOCTL interface if patches are unavailable. Monitor system logs for suspicious activity related to kernel memory corruption.

Chat Assistant

Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-61389. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70

EPSS Chart