PatchSiren cyber security CVE debrief
CVE-2026-58583 FluxInk CVE debrief
CVE-2026-58583 is a local privilege escalation vulnerability in FluxInk (formerly Sunia SPB Peripheral) Color Management Driver (TcnPeripheral64.sys) 1.0.7.2, allowing standard users to escalate privileges via arbitrary physical memory mapping at Device PhysicalMemory. The vulnerability was fixed in version 1.0.7.6, which is available in the Windows 11 25H2 HLK (Hardware Lab Kit) and may be available through Windows Update or from Lenovo directly. System administrators and users of Lenovo devices with the FluxInk Color Management Driver installed should be aware of this vulnerability and take steps to update the driver to version 1.0.7.6.
- Vendor
- FluxInk
- Product
- Color Management Driver
- CVSS
- HIGH 8.4
- CISA KEV
- Not listed in stored evidence
- Original CVE published
- 2026-07-07
- Original CVE updated
- 2026-07-07
- Advisory published
- 2026-07-07
- Advisory updated
- 2026-07-07
Who should care
System administrators and users of Lenovo devices with the FluxInk Color Management Driver installed should be aware of this vulnerability and take steps to update the driver to version 1.0.7.6. Affected operators should review system configurations and user privileges to ensure the vulnerability is not being exploited. Vulnerability management and security teams should prioritize updating the driver and monitoring system logs for suspicious activity.
Technical summary
The FluxInk Color Management Driver (TcnPeripheral64.sys) 1.0.7.2 contains a local privilege escalation vulnerability. A standard user can exploit this vulnerability by mapping arbitrary physical memory at Device PhysicalMemory, allowing them to escalate their privileges. This issue was addressed in driver version 1.0.7.6, which is available in the Windows 11 25H2 HLK (Hardware Lab Kit) and may be available through Windows Update or from Lenovo directly. The vulnerability is considered High severity with a CVSS score of 8.4.
Defensive priority
High
Recommended defensive actions
- Update the FluxInk Color Management Driver to version 1.0.7.6 or later
- Verify that the driver version is 1.0.7.6 or later
- Monitor system logs for suspicious activity related to the driver
- Review compensating controls for exposed systems while remediation is scheduled and verified
- Check relevant monitoring, detection, and logs for exposed assets that need extra review
- Track exceptions, retest remediated assets, and close the item only after evidence is documented
- Confirm whether affected product deployments exist in managed environments and assign an owner for follow-up
Evidence notes
The CVE record was published on 2026-07-07T21:17:29.163Z and has not been modified since then. The NVD entry is currently 'Received'. The FluxInk Color Management Driver (TcnPeripheral64.sys) 1.0.7.2 vulnerability allows local privilege escalation via arbitrary physical memory mapping at Device PhysicalMemory. Evidence of exploitation is limited, and defenders should verify system logs for suspicious activity related to the driver. Additional review of system configurations and user privileges may be necessary to ensure the vulnerability is not being exploited.
Official resources
-
CVE-2026-58583 CVE record
CVE.org
-
CVE-2026-58583 NVD detail
NVD
-
Source item URL
nvd_modified
-
Source reference
9119a7d8-5eab-497f-8521-727c672e3725
-
Source reference
9119a7d8-5eab-497f-8521-727c672e3725
-
Source reference
9119a7d8-5eab-497f-8521-727c672e3725
AI-assisted PatchSiren debrief based on the supplied source corpus. The CVE record was published on 2026-07-07T21:17:29.163Z and has not been modified since then.