CVE-2026-12168
HighCVSS 7.8Exploitation Probability (EPSS)
Low risk3th percentile — higher than 3% of all known CVEs
Summary
An improper validation vulnerability in the `GFAC_Sys_x64.sys` driver of Little Orbit GFAC allows a local attacker to escalate privileges to SYSTEM and execute arbitrary code in kernel mode via crafted messages sent through a Minifilter communication port.
Risk Assessment
The risk includes full system compromise by a local attacker, potentially leading to malware installation, data theft, or permanent system damage.
Recommendation
Immediately update the GFAC driver to the latest version provided by the vendor and restrict local system access to trusted users only.
Original NVD description (English source)
An improper validation vulnerability for driver `GFAC_Sys_x64.sys` in Little Orbit GFAC allows a local attacker to escalate privileges to SYSTEM and execute arbitrary code in kernel mode via crafted messages sent through a Minifilter communication port.

