Critical Arbitrary File Deletion Vulnerability (CVE‑2026‑8108) in Fuji Electric Tellus Industrial Controllers
What It Is – A local‑privilege‑escalation flaw in the pcid64 driver of Fuji Electric’s Tellus platform lets a low‑privileged attacker invoke a dangerous API that can delete arbitrary files and ultimately execute code as SYSTEM.
Exploitability – The vulnerability is rated CVSS 7.8 (High) with a local attack vector, low complexity, and no user interaction required. No public exploit code has been released, but the detailed advisory and vendor patch indicate a viable attack path for adversaries who have already gained foothold on the device.
Affected Products – Fuji Electric Tellus (industrial control system platform).
Why It Matters for Compliance & Audit Readiness
- Control Mapping: The flaw highlights gaps in configuration‑management and file‑integrity controls (SOC 2 CC6.1, CC6.2). Mapping this to your control framework and collecting continuous evidence of remediation demonstrates due diligence.
- Audit Trail: Deploying the vendor’s patch and documenting the change‑management workflow provides verifiable audit artifacts for SOC 2 examinations and for customers demanding proof of secure operations.
Recommended Actions
- Patch Immediately – Apply Fuji Electric’s latest firmware update that disables the unsafe
pcid64methods. - Validate Post‑Patch Integrity – Run file‑integrity checks and verify that no unauthorized deletions occurred.
- Map to SOC 2 Controls – Document the vulnerability, remediation steps, and evidence in your control‑mapping repository (e.g., Control Mapping module).
- Enhance Monitoring – Enable logging of driver‑level calls and set alerts for anomalous file‑system activity.