CVE-2026-58583

CVE-2026-58583CVE-2026-58583

Description

FluxInk (formerly Sunia SPB Peripheral) Color Management Driver (TcnPeripheral64.sys) 1.0.7.2 allows local privilege escalation for a standard user account via arbitrary physical memory mapping at \Device\PhysicalMemory. Fixed in version 1.0.7.6. The fixed driver is currently available in the Windows 11 25H2 HLK (Hardware Lab Kit). The fixed driver may be available through Windows Update or from Lenovo directly.

Scoring

CVSS 7.1 ()
VectorCVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
Last modified2026-07-07
Sourced from NVD. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.