PatchSiren

PatchSiren cyber security CVE debrief

CVE-2026-58583 FluxInk CVE debrief

CVE-2026-58583 is a local privilege escalation vulnerability in FluxInk (formerly Sunia SPB Peripheral) Color Management Driver (TcnPeripheral64.sys) 1.0.7.2, allowing standard users to escalate privileges via arbitrary physical memory mapping at Device PhysicalMemory. The vulnerability was fixed in version 1.0.7.6, which is available in the Windows 11 25H2 HLK (Hardware Lab Kit) and may be available through Windows Update or from Lenovo directly. System administrators and users of Lenovo devices with the FluxInk Color Management Driver installed should be aware of this vulnerability and take steps to update the driver to version 1.0.7.6.

Vendor
FluxInk
Product
Color Management Driver
CVSS
HIGH 8.4
CISA KEV
Not listed in stored evidence
Original CVE published
2026-07-07
Original CVE updated
2026-07-07
Advisory published
2026-07-07
Advisory updated
2026-07-07

Who should care

System administrators and users of Lenovo devices with the FluxInk Color Management Driver installed should be aware of this vulnerability and take steps to update the driver to version 1.0.7.6. Affected operators should review system configurations and user privileges to ensure the vulnerability is not being exploited. Vulnerability management and security teams should prioritize updating the driver and monitoring system logs for suspicious activity.

Technical summary

The FluxInk Color Management Driver (TcnPeripheral64.sys) 1.0.7.2 contains a local privilege escalation vulnerability. A standard user can exploit this vulnerability by mapping arbitrary physical memory at Device PhysicalMemory, allowing them to escalate their privileges. This issue was addressed in driver version 1.0.7.6, which is available in the Windows 11 25H2 HLK (Hardware Lab Kit) and may be available through Windows Update or from Lenovo directly. The vulnerability is considered High severity with a CVSS score of 8.4.

Defensive priority

High

Recommended defensive actions

  • Update the FluxInk Color Management Driver to version 1.0.7.6 or later
  • Verify that the driver version is 1.0.7.6 or later
  • Monitor system logs for suspicious activity related to the driver
  • Review compensating controls for exposed systems while remediation is scheduled and verified
  • Check relevant monitoring, detection, and logs for exposed assets that need extra review
  • Track exceptions, retest remediated assets, and close the item only after evidence is documented
  • Confirm whether affected product deployments exist in managed environments and assign an owner for follow-up

Evidence notes

The CVE record was published on 2026-07-07T21:17:29.163Z and has not been modified since then. The NVD entry is currently 'Received'. The FluxInk Color Management Driver (TcnPeripheral64.sys) 1.0.7.2 vulnerability allows local privilege escalation via arbitrary physical memory mapping at Device PhysicalMemory. Evidence of exploitation is limited, and defenders should verify system logs for suspicious activity related to the driver. Additional review of system configurations and user privileges may be necessary to ensure the vulnerability is not being exploited.

Official resources

AI-assisted PatchSiren debrief based on the supplied source corpus. The CVE record was published on 2026-07-07T21:17:29.163Z and has not been modified since then.