HomeIntelligenceBrief
VULNERABILITY BRIEF🟠 High Vulnerability

Critical Arbitrary File Deletion Vulnerability (CVE‑2026‑8108) in Fuji Electric Tellus Industrial Controllers

Fuji Electric disclosed CVE‑2026‑8108, a local‑privilege‑escalation flaw in its Tellus platform that allows arbitrary file deletion and SYSTEM‑level code execution. The issue underscores the need for robust control mapping and continuous evidence collection to satisfy SOC 2 audit requirements.

LiveThreat™ Intelligence · 📅 June 25, 2026· 📰 zerodayinitiative.com
🟠
Severity
High
VU
Type
Vulnerability
🎯
Confidence
High
🏢
Affected
1 sector(s)
Actions
4 recommended
📰
Source
zerodayinitiative.com

Critical Arbitrary File Deletion Vulnerability (CVE‑2026‑8108) in Fuji Electric Tellus Industrial Controllers

What It Is – A local‑privilege‑escalation flaw in the pcid64 driver of Fuji Electric’s Tellus platform lets a low‑privileged attacker invoke a dangerous API that can delete arbitrary files and ultimately execute code as SYSTEM.

Exploitability – The vulnerability is rated CVSS 7.8 (High) with a local attack vector, low complexity, and no user interaction required. No public exploit code has been released, but the detailed advisory and vendor patch indicate a viable attack path for adversaries who have already gained foothold on the device.

Affected Products – Fuji Electric Tellus (industrial control system platform).

Why It Matters for Compliance & Audit Readiness

  • Control Mapping: The flaw highlights gaps in configuration‑management and file‑integrity controls (SOC 2 CC6.1, CC6.2). Mapping this to your control framework and collecting continuous evidence of remediation demonstrates due diligence.
  • Audit Trail: Deploying the vendor’s patch and documenting the change‑management workflow provides verifiable audit artifacts for SOC 2 examinations and for customers demanding proof of secure operations.

Recommended Actions

  • Patch Immediately – Apply Fuji Electric’s latest firmware update that disables the unsafe pcid64 methods.
  • Validate Post‑Patch Integrity – Run file‑integrity checks and verify that no unauthorized deletions occurred.
  • Map to SOC 2 Controls – Document the vulnerability, remediation steps, and evidence in your control‑mapping repository (e.g., Control Mapping module).
  • Enhance Monitoring – Enable logging of driver‑level calls and set alerts for anomalous file‑system activity.

Source: Zero Day Initiative Advisory ZDI‑26‑366

📰 Original Source
http://www.zerodayinitiative.com/advisories/ZDI-26-366/

This LiveThreat Intelligence Brief is an independent analysis. Read the original reporting at the link above.

From the Verisq platform · Trust Operations

Misconfigurations are control gaps in disguise.

Verisq AI Trust Operations turns findings like this into mapped controls with continuous evidence, keeping your audit readiness current instead of point-in-time.

Map your controls with Verisq AI Trust Operations →