Critical Local Privilege Escalation in Fuji Electric Tellus (CVE‑2026‑8108) Exposes System‑Level Access
What It Is — A flaw in the pcid64 driver of Fuji Electric’s Tellus industrial control platform exposes dangerous registry APIs. An attacker who can run low‑privileged code can invoke these APIs to gain SYSTEM privileges and execute arbitrary code.
Exploitability — Local‑only; requires prior low‑privilege code execution. No public exploit code, but the CVSS 7.8 rating (AV:L/AC:L/PR:L/UI:N) indicates a relatively easy path once foothold is achieved.
Affected Products — Fuji Electric Tellus (all versions containing the vulnerable pcid64 driver).
Why It Matters for Compliance & Audit Readiness
- Patch Management Controls – SOC 2 Change Management (CC6.1) requires documented, timely remediation of known vulnerabilities; this CVE tests the rigor of your patch‑deployment process.
- Privileged Access Monitoring – The escalation bypasses normal least‑privilege safeguards, underscoring the need for continuous evidence that privileged‑access controls are enforced and logged.
- Audit Trail Defensibility – Demonstrating that the vendor‑issued update was applied and that system‑integrity logs were captured provides concrete audit evidence for a SOC 2 audit.
Recommended Actions
- Deploy Fuji Electric’s security update for the pcid64 driver across all Tellus installations immediately.
- Update your asset inventory to record driver version and map the remediation to the SOC 2 Change Management control.
- Enable continuous monitoring of privileged process creation and retain logs as audit evidence.
Source: Zero Day Initiative Advisory ZDI‑26‑367 (CVE‑2026‑8108)