CVE-2026-29923

HIGH

The pstrip64.sys driver in EnTech Taiwan PowerStrip <=3.90.736 allows local users to escalate privileges to SYSTEM via a crafted IOCTL request enabling unprivileged users to map arbitrary physical memory into their address space and modify critical kernel structures.

CVSS v3.1 Score

7.8

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Attack Vector

LOCAL

Complexity

LOW

Privileges

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality

HIGH

Integrity

HIGH

Availability

HIGH

Published: 4/9/2026Modified: 4/14/2026

Related Intelligence (1)

MEDIUMVulnerability

CVE-2026-29923 - Local Privilege Escalation Attack via pstrip64.sys

[object Object]

CVE-2026-29923

Apr 13, 2026r/blueteamsec

References (3)

https://entechtaiwan.com/util/ps.shtm https://packetstorm.news/files/id/218394/https://packetstorm.news/files/id/218394/