Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
9.3
Portwell Engineering Toolkits: Memory Access Risk in Local Attacks
CVE-2026-3437
Summary
A security issue in Portwell Engineering Toolkits version 4.8.2 allows a local attacker with permission to access the toolkits to potentially read or modify sensitive data. This could lead to unauthorized access to system resources or disrupt the toolkits' functionality. Updates to the toolkits are needed to fix this issue.
What to do
No fix is available yet. Check with your software vendor for updates.
Affected software
| Vendor | Product | Affected versions | Fix available |
|---|---|---|---|
| portwell | engineering_toolkits | 4.8.2 | – |
Original title
An Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Portwell Engineering Toolkits version 4.8.2 could allow a local authenticated attacker to read and write ...
Original description
An Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Portwell Engineering Toolkits version 4.8.2 could allow a local authenticated attacker to read and write to arbitrary memory via the Portwell Engineering Toolkits driver. Successful exploitation of this vulnerability could result in escalation of privileges or cause a denial-of-service condition.
nvd CVSS3.1
7.8
nvd CVSS4.0
9.3
Vulnerability type
CWE-119
Buffer Overflow
- https://www.cisa.gov/news-events/ics-advisories/icsa-26-062-04 Third Party Advisory VDB Entry
Published: 3 Mar 2026 · Updated: 13 Mar 2026 · First seen: 6 Mar 2026