Improper Access Control in EaseUS PM 14.5 Kernel Driver epmntdrv.sys (Local PVE)
CVE-2026-12781 Published on June 21, 2026
EaseUS Partition Master Kernel Driver epmntdrv.sys access control
A vulnerability was identified in EaseUS Partition Master up to 14.5. The affected element is an unknown function in the library epmntdrv.sys of the component Kernel Driver. The manipulation leads to improper access controls. The attack needs to be performed locally. The exploit is publicly available and might be used. You should upgrade the affected component. The vendor explains: "We have confirmed that this issue was present only in older versions of the product. Our product has since been updated, and the issue has been resolved in the latest version, so it no longer exists."
Timeline
Advisory disclosed
VulDB entry created
VulDB entry last update
Weakness Types
What is an Authorization Vulnerability?
The software does not restrict or incorrectly restricts access to a resource from an unauthorized actor.
CVE-2026-12781 has been classified to as an Authorization vulnerability or weakness.
Incorrect Privilege Assignment
A product incorrectly assigns a privilege to a particular actor, creating an unintended sphere of control for that actor.
Products Associated with CVE-2026-12781
Want to know whenever a new CVE is published for Easeus Partition Master? stack.watch will email you.
Affected Versions
EaseUS Partition Master:- Version 14.0 is affected.
- Version 14.1 is affected.
- Version 14.2 is affected.
- Version 14.3 is affected.
- Version 14.4 is affected.
- Version 14.5 is affected.