CVE-2026-12778

Published Jun 21, 2026

Last updated 17 hours ago

Overview

AI description

Automated description summarized from trusted sources.

CVE-2026-12778 is a vulnerability identified in AOMEI Partition Assistant, affecting versions up to and including 10.10.1. This flaw is located within the `ampa10.sys` kernel driver component, specifically concerning improper access controls. The vulnerability allows for unauthorized manipulation of system resources through local attack vectors. The exploit details have been publicly disclosed, and the vendor was reportedly informed prior to disclosure but did not provide a response.

Description: A vulnerability has been found in AOMEI Partition Assistant up to 10.10.1. This vulnerability affects unknown code in the library ampa10.sys of the component Kernel Driver. Such manipulation leads to improper access controls. The attack must be carried out locally. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
Source: cna@vuldb.com
NVD status: Received

Risk scores

CVSS 4.0

Type: Secondary
Base score: 7.1
Impact score: -
Exploitability score: -
Vector string: CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Severity: HIGH

CVSS 3.1

Type: Primary
Base score: 7.8
Impact score: 5.9
Exploitability score: 1.8
Vector string: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Severity: HIGH

CVSS 2.0

Type: Secondary
Base score: 6.8
Impact score: 10
Exploitability score: 3.1
Vector string: AV:L/AC:L/Au:S/C:C/I:C/A:C

Weaknesses

cna@vuldb.com: CWE-266

Hype score is a measure of social media activity compared against trending CVEs from the past 12 months. Max score 100.

Hype score: 9

References

Sources include official advisories and independent security research.