{"document":{"category":"csaf_vex","csaf_version":"2.0","title":"CVE-2026-12193: VS Revo RevoUninstaller IOCTL RevoDetector.sys IOCtl_Handler heap-based overflow","publisher":{"category":"vendor","name":"HarborGuard Database","namespace":"https://database.harborguard.co"},"tracking":{"id":"CVE-2026-12193","status":"final","version":"1","initial_release_date":"2026-06-14T23:30:14.771Z","current_release_date":"2026-06-14T23:30:14.771Z","revision_history":[{"date":"2026-06-14T23:30:14.771Z","number":"1","summary":"Initial machine-readable export from HarborGuard."}]},"distribution":{"tlp":{"label":"WHITE"},"text":"Public CVE data; freely redistributable."},"notes":[{"category":"description","text":"A vulnerability was identified in VS Revo RevoUninstaller 2.5.x/2.6.x. The affected element is the function IOCtl_Handler in the library RevoDetector.sys of the component IOCTL Handler. Such manipulation leads to heap-based buffer overflow. The attack must be carried out locally. The exploit is publicly available and might be used. Upgrading to version 2.7.0 is sufficient to fix this issue. It is recommended to upgrade the affected component.","title":"CVE description"}],"references":[{"category":"self","summary":"CVE-2026-12193 on HarborGuard Database","url":"https://database.harborguard.co/cve/CVE-2026-12193"},{"category":"external","summary":"CVE Record","url":"https://www.cve.org/CVERecord?id=CVE-2026-12193"},{"category":"external","summary":"VDB-370839 | VS Revo RevoUninstaller IOCTL RevoDetector.sys IOCtl_Handler heap-based overflow","url":"https://vuldb.com/vuln/370839"},{"category":"external","summary":"VDB-370839 | CTI Indicators (IOB, IOC, IOA)","url":"https://vuldb.com/vuln/370839/cti"},{"category":"external","summary":"CVE-2026-12193 | CVE Analysis and Report","url":"https://vuldb.com/cve/CVE-2026-12193"},{"category":"external","summary":"Submit #829132 | VS REVO GROUP RevoUninstaller <2.7.0   >2.5.0 Heap-based Buffer Overflow","url":"https://vuldb.com/submit/829132"},{"category":"external","summary":"Submit #829133 | VS REVO GROUP RevoUninstaller <2.7.0   >2.5.0 Heap-based Buffer Overflow (Duplicate)","url":"https://vuldb.com/submit/829133"},{"category":"external","summary":"jordanhiggins.blog","url":"https://jordanhiggins.blog/revouninstaller-pool-overflow-exploit/"},{"category":"external","summary":"github.com","url":"https://github.com/Kalagious/RevoDetectorExploit/tree/master"},{"category":"external","summary":"revouninstaller.com","url":"https://www.revouninstaller.com/start-freeware-download/"},{"category":"external","summary":"vandalsuidaho-my.sharepoint.com","url":"https://vandalsuidaho-my.sharepoint.com/:w:/g/personal/higg2059_vandals_uidaho_edu/IQAMHgdfpRAkSqDsoFVswIYNAXjPVFz-admcJyl5ITzYhu0?e=4Ywwza"},{"category":"external","summary":"youtu.be","url":"https://youtu.be/JR0KPjWRTns?si=Ff2bUDvv3butJyfP"}]},"product_tree":{"branches":[{"category":"vendor","name":"VS Revo","branches":[{"category":"product_name","name":"RevoUninstaller","branches":[{"category":"product_version","name":"2.5.*","product":{"name":"VS Revo RevoUninstaller 2.5.*","product_id":"CSAFPID-1","product_identification_helper":{"cpe":"cpe:2.3:a:vs_revo:revouninstaller:*:*:*:*:*:*:*:*"}}},{"category":"product_version","name":"2.6.*","product":{"name":"VS Revo RevoUninstaller 2.6.*","product_id":"CSAFPID-2","product_identification_helper":{"cpe":"cpe:2.3:a:vs_revo:revouninstaller:*:*:*:*:*:*:*:*"}}},{"category":"product_version","name":"2.7.0","product":{"name":"VS Revo RevoUninstaller 2.7.0","product_id":"CSAFPID-3","product_identification_helper":{"cpe":"cpe:2.3:a:vs_revo:revouninstaller:*:*:*:*:*:*:*:*"}}}]}]}]},"vulnerabilities":[{"cve":"CVE-2026-12193","title":"VS Revo RevoUninstaller IOCTL RevoDetector.sys IOCtl_Handler heap-based overflow","notes":[{"category":"description","text":"A vulnerability was identified in VS Revo RevoUninstaller 2.5.x/2.6.x. The affected element is the function IOCtl_Handler in the library RevoDetector.sys of the component IOCTL Handler. Such manipulation leads to heap-based buffer overflow. The attack must be carried out locally. The exploit is publicly available and might be used. Upgrading to version 2.7.0 is sufficient to fix this issue. It is recommended to upgrade the affected component.","title":"CVE description"}],"product_status":{"known_affected":["CSAFPID-1","CSAFPID-2"],"fixed":["CSAFPID-3"]},"scores":[{"cvss_v4":{"version":"4.0","vectorString":"CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P","baseScore":8.5,"baseSeverity":"HIGH"},"products":["CSAFPID-1","CSAFPID-2"]}],"remediations":[{"category":"vendor_fix","details":"Update to a fixed version: 2.7.0.","product_ids":["CSAFPID-1","CSAFPID-2"],"url":"https://www.revouninstaller.com/start-freeware-download/"}]}]}