THREAT OPS › Threat News › ZDI-26-366: Fuji Electric Tellus pcid64 Driver File APIs Exposed Dangerous Method Arbitrary File Deletion Vulnerability
ZDI-26-366: Fuji Electric Tellus pcid64 Driver File APIs Exposed Dangerous Method Arbitrary File Deletion Vulnerability
This vulnerability allows local attackers to delete arbitrary files on affected installations of Fuji Electric Tellus. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The ZDI has assigned a CVSS rating of 7.8. The following CVEs are assigned: CVE-2026-8108.
MITRE ATT&CK techniques
- File DeletionT1070.004
Indicators of compromise
- CVE-2026-8108cve
Original source: http://www.zerodayinitiative.com/advisories/ZDI-26-366/