Fuji Tellus Driver Grants All Users Kernel R/W: CVE-2026-8108

The National Vulnerability Database has detailed CVE-2026-8108, a high-severity vulnerability (CVSS 7.8) affecting Fuji Tellus. This flaw stems from the installation of a kernel driver that indiscriminately grants read and write permissions to all system users. This isn’t just poor security hygiene; it’s a critical privilege escalation vector.

An attacker with even low-level access can leverage this to gain full control over the kernel. Think about that: any user, any process, suddenly has the keys to the kingdom. This is a fundamental breakdown in the operating system’s security model, making it trivial for malware to persist, evade detection, and execute arbitrary code with maximum privileges. The attacker’s calculus here is simple: if they can get a foothold on a system with Fuji Tellus, they’ve essentially won the privilege game.

For defenders, this means immediate action. Any system running Fuji Tellus is inherently compromised if an attacker can gain local access. This vulnerability provides a direct pathway to root, bypassing standard security controls and making incident response significantly harder. This isn’t about patching an application; it’s about a foundational flaw introduced at the kernel level.

What This Means For You

  • If your organization uses Fuji Tellus, you need to understand that CVE-2026-8108 provides a direct path to kernel-level compromise for any local attacker. Immediately identify all systems running this software and assess the risk. Consider isolating or decommissioning systems until a fix is available, as the driver essentially disarms the kernel's security. This is a critical privilege escalation that must be addressed with urgency.

🛡️ Detection Rules

critical T1547.001 Privilege Escalation

Privilege Escalation via Fuji Tellus Driver Load - CVE-2026-8108

Sigma YAML:
title: Privilege Escalation via Fuji Tellus Driver Load - CVE-2026-8108
id: scw-2026-05-12-ai-1
status: experimental
level: critical
description: |
  Detects the loading of the 'TellusDriver.sys' driver, which is associated with Fuji Tellus and is known to grant all users kernel read/write permissions, enabling privilege escalation. This is a direct indicator of the vulnerability exploitation.
author: SCW Feed Engine (AI-generated)
date: 2026-05-12
references:
  - https://shimiscyberworld.com/posts/nvd-CVE-2026-8108/
tags:
  - attack.privilege_escalation
  - attack.t1547.001
logsource:
  product: windows
  category: driver_load
detection:
  selection:
    ImageLoaded|contains:
      - 'TellusDriver.sys'
  condition: selection
falsepositives:
  - Legitimate administrative activity
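
The rule's selection applied to exported driver-load events for a retrospective hunt, as an added example that is not part of the original article or the rule's author. It assumes Sysmon-style events (Event ID 6, "Driver loaded") exported one JSON object per line; the hostnames, timestamps and paths are constructed, and only the driver file name comes from the rule above.

```python
import json

# Driver file name taken from the Sigma rule on this page.
DRIVER_NAMES = ("TellusDriver.sys",)
DRIVER_LOAD_EVENT_ID = 6  # assumption: Sysmon "Driver loaded" feeds the driver_load category

# Constructed sample export; the last line is deliberately truncated.
SAMPLE_EVENTS = r"""
{"EventID": 6, "Computer": "hmi-01", "UtcTime": "2026-05-13 08:01:12.114", "ImageLoaded": "C:\\Windows\\System32\\drivers\\TellusDriver.sys"}
{"EventID": 6, "Computer": "hmi-01", "UtcTime": "2026-05-12 21:40:03.530", "ImageLoaded": "c:\\windows\\system32\\drivers\\tellusdriver.sys"}
{"EventID": 6, "Computer": "eng-07", "UtcTime": "2026-05-13 09:15:44.002", "ImageLoaded": "C:\\Windows\\System32\\drivers\\disk.sys"}
{"EventID": 7, "Computer": "eng-07", "UtcTime": "2026-05-13 09:16:10.871", "ImageLoaded": "C:\\Temp\\TellusDriver.sys.dll"}
{"EventID": 6, "Computer": "hmi-02", "UtcTime": "2026-05-13 10:02
"""

def is_match(event):
    """Apply the rule's selection: ImageLoaded|contains, case-insensitive as in Sigma."""
    if event.get("EventID") != DRIVER_LOAD_EVENT_ID:
        return False  # the rule only covers driver loads, not user-mode image loads
    image = str(event.get("ImageLoaded", "")).lower()
    return any(name.lower() in image for name in DRIVER_NAMES)

def hunt(lines):
    """Return {host: {"count", "first_seen", "paths"}} for hosts that loaded the driver."""
    hosts = {}
    for line in lines:
        line = line.strip()
        if not line:
            continue
        try:
            event = json.loads(line)
        except json.JSONDecodeError:
            continue  # skip truncated or non-JSON lines instead of aborting the hunt
        if not isinstance(event, dict) or not is_match(event):
            continue
        seen = event.get("UtcTime", "")
        entry = hosts.setdefault(event.get("Computer", "unknown"),
                                 {"count": 0, "first_seen": seen, "paths": set()})
        entry["count"] += 1
        entry["first_seen"] = min(entry["first_seen"], seen)  # fixed-width timestamps sort as text
        entry["paths"].add(event["ImageLoaded"])
    return hosts

if __name__ == "__main__":
    for host, info in sorted(hunt(SAMPLE_EVENTS.splitlines()).items()):
        print(host, info["count"], info["first_seen"], sorted(info["paths"]))
```

A host that appears only in a skipped line (hmi-02 here) is absent from the result, so count skipped lines separately if the export may be damaged.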

Indicators of Compromise

ID | Type | Indicator
CVE-2026-8108 | Privilege Escalation | Fuji Tellus driver installation
CVE-2026-8108 | Misconfiguration | Kernel driver with read and write permissions for all users

Source & Attribution

Source Platform: NVD
Channel: National Vulnerability Database
Published: May 13, 2026 at 02:16 UTC

This content was AI-rewritten and enriched by Shimi's Cyber World based on the original source. All intellectual property rights remain with the original author.
