{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-12780", "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5", "state": "PUBLISHED", "assignerShortName": "VulDB", "dateReserved": "2026-06-20T09:36:11.510Z", "datePublished": "2026-06-21T05:30:08.835Z", "dateUpdated": "2026-06-22T16:13:04.211Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5", "shortName": "VulDB", "dateUpdated": "2026-06-21T05:30:08.835Z"}, "title": "AOMEI Backupper Kernel Driver amwrtdrv.sys access control", "problemTypes": [{"descriptions": [{"type": "CWE", "cweId": "CWE-284", "lang": "en", "description": "Improper Access Controls"}]}, {"descriptions": [{"type": "CWE", "cweId": "CWE-266", "lang": "en", "description": "Incorrect Privilege Assignment"}]}], "affected": [{"vendor": "AOMEI", "product": "Backupper", "versions": [{"version": "8.0", "status": "affected"}, {"version": "8.1", "status": "affected"}, {"version": "8.2", "status": "affected"}, {"version": "8.3.0", "status": "affected"}], "cpes": ["cpe:2.3:a:aomei:backupper:*:*:*:*:*:*:*:*"], "modules": ["Kernel Driver"]}], "descriptions": [{"lang": "en", "value": "A vulnerability was determined in AOMEI Backupper up to 8.3.0. Impacted is an unknown function in the library amwrtdrv.sys of the component Kernel Driver. Executing a manipulation can lead to improper access controls. The attack needs to be launched locally. The exploit has been publicly disclosed and may be utilized. The vendor was contacted early about this disclosure but did not respond in any way."}], "metrics": [{"cvssV4_0": {"version": "4.0", "baseScore": 8.5, "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P", "baseSeverity": "HIGH"}}, {"cvssV3_1": {"version": "3.1", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:X/RC:R", "baseSeverity": "HIGH"}}, {"cvssV3_0": {"version": "3.0", "baseScore": 7.8, "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:X/RC:R", "baseSeverity": "HIGH"}}, {"cvssV2_0": {"version": "2.0", "baseScore": 6.8, "vectorString": "AV:L/AC:L/Au:S/C:C/I:C/A:C/E:POC/RL:ND/RC:UR"}}], "timeline": [{"time": "2026-06-20T00:00:00.000Z", "lang": "en", "value": "Advisory disclosed"}, {"time": "2026-06-20T02:00:00.000Z", "lang": "en", "value": "VulDB entry created"}, {"time": "2026-06-20T11:41:22.000Z", "lang": "en", "value": "VulDB entry last update"}], "credits": [{"lang": "en", "value": "winslow1984 (VulDB User)", "type": "reporter"}, {"lang": "en", "value": "VulDB CNA Team", "type": "coordinator"}], "references": [{"url": "https://vuldb.com/vuln/372521", "name": "VDB-372521 | AOMEI Backupper Kernel Driver amwrtdrv.sys access control", "tags": ["vdb-entry"]}, {"url": "https://vuldb.com/vuln/372521/cti", "name": "VDB-372521 | CTI Indicators (IOB, IOC, TTP, IOA)", "tags": ["signature", "permissions-required"]}, {"url": "https://vuldb.com/cve/CVE-2026-12780", "name": "CVE-2026-12780 | CVE Analysis and Report", "tags": ["third-party-advisory"]}, {"url": "https://vuldb.com/submit/835609", "name": "Submit #835609 | AOMEI AOMEI Backupper Kernel Driver amwrtdrv.sys 8.3.0 Local Privilege Escapation", "tags": ["third-party-advisory"]}, {"url": "https://winslow1984.com/books/cve-collection/page/aomei-backupper-830-kernel-driver-amwrtdrvsys-local-privilege-escalation", "tags": ["exploit"]}]}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-06-22T16:12:11.602552Z", "id": "CVE-2026-12780", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-06-22T16:13:04.211Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"cna": {"title": "AOMEI Backupper Kernel Driver amwrtdrv.sys access control", "credits": [{"lang": "en", "type": "reporter", "value": "winslow1984 (VulDB User)"}, {"lang": "en", "type": "coordinator", "value": "VulDB CNA Team"}], "metrics": [{"cvssV4_0": {"version": "4.0", "baseScore": 8.5, "baseSeverity": "HIGH", "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P"}}, {"cvssV3_1": {"version": "3.1", "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:X/RC:R"}}, {"cvssV3_0": {"version": "3.0", "baseScore": 7.8, "baseSeverity": "HIGH", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:P/RL:X/RC:R"}}, {"cvssV2_0": {"version": "2.0", "baseScore": 6.8, "vectorString": "AV:L/AC:L/Au:S/C:C/I:C/A:C/E:POC/RL:ND/RC:UR"}}], "affected": [{"cpes": ["cpe:2.3:a:aomei:backupper:*:*:*:*:*:*:*:*"], "vendor": "AOMEI", "modules": ["Kernel Driver"], "product": "Backupper", "versions": [{"status": "affected", "version": "8.0"}, {"status": "affected", "version": "8.1"}, {"status": "affected", "version": "8.2"}, {"status": "affected", "version": "8.3.0"}]}], "timeline": [{"lang": "en", "time": "2026-06-20T00:00:00.000Z", "value": "Advisory disclosed"}, {"lang": "en", "time": "2026-06-20T02:00:00.000Z", "value": "VulDB entry created"}, {"lang": "en", "time": "2026-06-20T11:41:22.000Z", "value": "VulDB entry last update"}], "references": [{"url": "https://vuldb.com/vuln/372521", "name": "VDB-372521 | AOMEI Backupper Kernel Driver amwrtdrv.sys access control", "tags": ["vdb-entry"]}, {"url": "https://vuldb.com/vuln/372521/cti", "name": "VDB-372521 | CTI Indicators (IOB, IOC, TTP, IOA)", "tags": ["signature", "permissions-required"]}, {"url": "https://vuldb.com/cve/CVE-2026-12780", "name": "CVE-2026-12780 | CVE Analysis and Report", "tags": ["third-party-advisory"]}, {"url": "https://vuldb.com/submit/835609", "name": "Submit #835609 | AOMEI AOMEI Backupper Kernel Driver amwrtdrv.sys 8.3.0 Local Privilege Escapation", "tags": ["third-party-advisory"]}, {"url": "https://winslow1984.com/books/cve-collection/page/aomei-backupper-830-kernel-driver-amwrtdrvsys-local-privilege-escalation", "tags": ["exploit"]}], "descriptions": [{"lang": "en", "value": "A vulnerability was determined in AOMEI Backupper up to 8.3.0. Impacted is an unknown function in the library amwrtdrv.sys of the component Kernel Driver. Executing a manipulation can lead to improper access controls. The attack needs to be launched locally. The exploit has been publicly disclosed and may be utilized. The vendor was contacted early about this disclosure but did not respond in any way."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-284", "description": "Improper Access Controls"}]}, {"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-266", "description": "Incorrect Privilege Assignment"}]}], "providerMetadata": {"orgId": "1af790b2-7ee1-4545-860a-a788eba489b5", "shortName": "VulDB", "dateUpdated": "2026-06-21T05:30:08.835Z"}}, "adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-12780", "role": "CISA Coordinator", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2026-06-22T16:12:11.602552Z"}}}], "providerMetadata": {"shortName": "CISA-ADP", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "dateUpdated": "2026-06-22T16:12:15.726Z"}}]}, "cveMetadata": {"cveId": "CVE-2026-12780", "state": "PUBLISHED", "dateUpdated": "2026-06-21T05:30:08.835Z", "dateReserved": "2026-06-20T09:36:11.510Z", "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5", "datePublished": "2026-06-21T05:30:08.835Z", "assignerShortName": "VulDB"}, "dataVersion": "5.2"}

{}

{}

{"created": "2026-06-21T10:00:06.681807+00:00", "updated": "2026-06-21T10:00:06.681813+00:00", "vendors": []}