CVE-2026-12779

AOMEI Dynamic Disk Manager Kernel Driver ddmdrv.sys access control

CVSS 8.5 HIGHEPSS 0.1%CWE-266 CWE-284

A vulnerability was found in AOMEI Dynamic Disk Manager up to 10.10.1. This issue affects some unknown processing in the library ddmdrv.sys of the component Kernel Driver. Performing a manipulation results in improper access controls. The attack must be initiated from a local position. The exploit has been made public and could be used. The vendor was contacted early about this disclosure but did not respond in any way.

CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P

Affected products

AOMEI · Dynamic Disk Manager

public PoCs found — 1

cve_referencewinslow1984.com/books/cve-collection/page/aomei-dynamic-disk-manager-10101-kernel-driver-ddmdrvsys-local-privilege-escalationunverified

⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://vuldb.com/cve/CVE-2026-12779 https://vuldb.com/submit/835608 https://vuldb.com/vuln/372520 https://vuldb.com/vuln/372520/cti https://winslow1984.com/books/cve-collection/page/aomei-dynamic-disk-manager-10101-kernel-driver-ddmdrvsys-local-privilege-escalation