Home / Vulnerability Intelligence / CVE-2026-0037

CVE-2026-0037 - Vulnerability Analysis

HighCVSS: 8.4

Last Updated: March 3, 2026

ffa.c - Privilege Escalation

Published: March 2, 2026Updated: March 3, 2026

Overview

ffa.c contains a logic error causing possible memory corruption, letting local attackers escalate privileges without additional execution rights, exploit requires no user interaction.

Severity & Score

Severity: High

CVSS Score: 8.4

EPSS Score: 0.6%(Probability of exploitation in next 30 days)

Impact

Local attackers can escalate privileges, potentially gaining unauthorized access or control.

Mitigation

Update to the latest version containing the fix.

References

Social Media Activity(1 post)

TheHackerWire

@thehackerwire

Mar 2, 2026

🟠 CVE-2026-0037 - High (8.4) In multiple functions of ffa.c, there is a possible memory corruption due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. 🔗 https://www.thehackerwire.com/vulnerability/CVE-2026-0037/ #CVE #vulnerability #infosec #cybersecurity #security #Tenda #patchstack

View original post

Related Resources

Details

CVE ID: CVE-2026-0037
Severity: High
CVSS Score: 8.4
Type: undefined
Status: confirmed
EPSS: 0.6%
Social Posts: 1

CWE

CWE-787

CVSS Metrics

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

EPSS Score

0.6%Probability of exploitation in the next 30 days