CVE-2026-8108
CWE-749Published: May 12, 2026· Updated: May 13, 2026
Official Description
The installation of Fuji Tellus adds a driver to the kernel which grants all users read and write permissions.
Technical Analysis
CVE-2026-8108 requires local access, meaning attackers must already have a foothold on the target system.
Exploitation requires low privileges, which limits the exposure to scenarios where an attacker has already gained initial access.
A successful exploit results in complete confidentiality breach (data exposure), full integrity compromise (data manipulation), availability disruption (denial of service), with a CVSS base score of 7.8.
CVSS v3.1 Vector Breakdown
Exploit & PoC Resources
News & Research Mentioning CVE-2026-8108
View CSAF Summary Successful exploitation of this vulnerability could allow an attacker to elevate privileges from user to system, which may then enable the attacker to cause a temporary denial of service, open files, or delete files. The following versions of Fuji Electric Tellus are affected: Tellus 5.0.2 CVSS Vendor Equipment Vulnerabilities v3 7.8 Fuji Electric Fuji Electric Tellus Exposed Dangerous Method or Function Background Critical Infrastructure Sectors: Critical Manufacturing Countries/Areas Deployed: Worldwide Company Headquarters Location: Japan Vulnerabilities Expand All + CVE-2026-8108 The installation of Fuji Tellus adds a driver to the kernel which grants all users read and write permissions. View CVE Details Affected Products Fuji [xlite_meta score:76 src:CISA Alerts xlite_fp:6935128501ba8edf72fac273f237e7f3b293e5298088cbd5065068e97053331c]
All References (2)
Quick Facts
Known Threat Actors
Related CVEs (CWE-749)
Recommended Actions
- →Apply vendor patches immediately
- →Monitor CVE-2026-8108 in threat intel feeds
- →Review IDS/IPS signatures for exploitation attempts