CVE-2026-0828
HighCVSS 7.5Exploitation Probability (EPSS)
Low risk37th percentile — higher than 37% of all known CVEs
Summary
The kernel driver ProcessMonitorDriver.sys in Safetica's endpoint client x64, versions 10.5.75.0 and 11.11.4.0, allows an unprivileged user to abuse the IOCTL path and terminate protected system processes.
Risk Assessment
An attacker without administrative privileges can stop critical system processes, leading to system crashes or bypassing endpoint security.
Recommendation
Immediately update Safetica software to a version that fixes this vulnerability and restrict access to the ProcessMonitorDriver.sys driver for unprivileged users.
Original NVD description (English source)
Kernel driver ProcessMonitorDriver.sys in Safetica's endpoint client x64 , versions 10.5.75.0 and 11.11.4.0, allows unprivileged user to abuse IOCTL path and terminate protected system processes.

