CVE-2026-8398

Warnung

Medienbericht

Exploit

EPSS 1.44%
Veröffentlicht 15.05.2026 07:30:29
Zuletzt bearbeitet 28.05.2026 12:57:00
Quelle vulnerability@kaspersky.com
CVE-Watchlists
Login
Unerledigt
Login

A supply chain attack compromised the official installation packages of DAEMON Tools Lite (Windows versions 12.5.0.2421 through 12.5.0.2434), distributed from the legitimate website daemon-tools.cc between approximately April 8, 2026, and May 5, 2026. Attackers gained unauthorized access to the vendor's (AVB Disc Soft) build or distribution infrastructure and trojanized three binaries: DTHelper.exe, DiscSoftBusServiceLite.exe, and DTShellHlp.exe. These files were digitally signed with the legitimate AVB Disc Soft code-signing certificate, allowing the malicious installers to appear trustworthy and bypass signature-based detection.

Betroffene Produkte Warnungen 1 Metriken 3 CWE 1 Referenzen 8

NVD 1 VulnDex Vulnerability Enrichment 0

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Disc-soft ≫ Daemon Tools Version12.5.1 SwEditionlite

Microsoft ≫ Windows Version-

27.05.2026: CISA Known Exploited Vulnerabilities (KEV) Catalog

Daemon Tools Lite Embedded Malicious Code Vulnerability

Schwachstelle

Daemon Tools contains an unspecified vulnerability that has a high impact on confidentiality, integrity, and availability.

Beschreibung

Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.

Erforderliche Maßnahmen

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	1.44%	0.697

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
vulnerability@kaspersky.com	9.3	0	0	CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
vulnerability@kaspersky.com	9.8	3.9	5.9	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE-506 Embedded Malicious Code

The product contains code that appears to be malicious in nature.

Für Zugriff zu Vulnerability Intelligence ist ein VulnDex Zugang erforderlich.

VulnDex Intel

Media Report

05.06.2026 12:46

Für Zugriff zu Vulnerability Intelligence ist ein VulnDex Zugang erforderlich.

VulnDex Intel

Media Report

05.06.2026 12:46

https://securelist.com/tr/daemon-tools-backdoor/119654/

Third Party Advisory

Exploit

https://blog.daemon-tools.cc/post/security-incident

Vendor Advisory

https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2026-8398

US Government Resource

https://nvd.nist.gov/vuln/detail/CVE-2026-8398

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2026-8398

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2026-8398

EUVD

Team-orientierte Vulnerability Management Plattform

Features der Plattform

CVE-2026-8398

27.05.2026: CISA Known Exploited Vulnerabilities (KEV) Catalog