Impact
The vulnerability resides in the pstrip64.sys driver of EnTech Taiwan PowerStrip, which permits local users to issue a specially crafted IOCTL request that maps arbitrary physical memory into the process address space. This mapping enables a low‑privileged user to read or write any memory, including critical kernel data structures. Because the driver runs with SYSTEM privileges, successful exploitation results in privilege escalation to SYSTEM, giving the attacker full control over the system. The flaw is rooted in improper privilege management (CWE-269).
Affected Systems
This flaw affects installations of EnTech Taiwan PowerStrip on all platforms where the pstrip64.sys driver is installed. Vulnerable versions are any release up to and including 3.90.736. The issue is limited to the specified driver; other EnTech products are not mentioned.
Risk and Exploitability
The CVSS base score of 7.8 indicates a high severity level, while the EPSS score of less than 1% suggests a low probability of widespread exploitation in the near term. The flaw is not listed in the CISA KEV catalog, implying no known widespread active exploitation. To exploit the vulnerability, an attacker must be present on the system with user‑level access and must be able to invoke the driver’s IOCTL interface. Once the arbitrary physical memory mapping is achieved, the attacker can manipulate kernel data structures, effectively achieving SYSTEM privileges.
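A host inventory check for the conditions described above, as an added example that is not part of the advisory or vendor code. It assumes the product registers an uninstall entry whose DisplayName contains "PowerStrip" and that DisplayVersion tracks the release number; the function names are hypothetical.

```powershell
# Added example: report whether this host carries the driver named in the advisory.
$DriverFile   = 'pstrip64.sys'        # driver named in the advisory
$LastAffected = [version]'3.90.736'   # last affected release per the advisory

function Test-AffectedVersion {
    param([string]$VersionText)
    $v = $null
    if (-not [version]::TryParse($VersionText, [ref]$v)) {
        return $true   # missing or unparseable version: flag for manual review
    }
    # Compare major.minor.build only, so '3.90.736.0' is not read as newer than '3.90.736'.
    $norm = [version]::new($v.Major, $v.Minor, [Math]::Max($v.Build, 0))
    return $norm -le $LastAffected
}

function Get-PStripDriverService {
    # Kernel driver services whose image path ends in pstrip64.sys.
    # State 'Running' means the driver's IOCTL interface is currently exposed.
    Get-CimInstance -ClassName Win32_SystemDriver |
        Where-Object { $_.PathName -like ('*\' + $DriverFile) } |
        Select-Object Name, State, StartMode, PathName
}

function Get-PowerStripInstall {
    # Assumption: the installer writes a standard uninstall entry named like "PowerStrip".
    $roots = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\*',
             'HKLM:\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\*'
    Get-ItemProperty -Path $roots -ErrorAction SilentlyContinue |
        Where-Object { $_.DisplayName -like '*PowerStrip*' } |
        Select-Object DisplayName, DisplayVersion,
            @{ n = 'Affected'; e = { Test-AffectedVersion $_.DisplayVersion } }
}

$drivers  = @(Get-PStripDriverService)
$installs = @(Get-PowerStripInstall)

if ($drivers.Count -eq 0 -and $installs.Count -eq 0) {
    "No $DriverFile service or PowerStrip install found on $env:COMPUTERNAME"
} else {
    "Findings on ${env:COMPUTERNAME}:"
    $drivers  | Format-List
    $installs | Format-List
}
```

A driver service can remain registered after the product is uninstalled, so a driver hit with no matching install entry still warrants review.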