CVE-2026-8108: Critical Kernel Driver Flaw in Fuji Tellus Exposes Systems to Privilege Escalation

A high-severity vulnerability has been identified in Fuji Tellus, exposing systems to potential local privilege escalation. CVE-2026-8108 carries a CVSS score of 7.8, reflecting the serious nature of a flaw that grants all users unrestricted read and write permissions through a kernel driver installed by the software. The vulnerability stems from how the installation process modifies kernel-level access controls, effectively bypassing standard permission boundaries that typically restrict such capabilities to privileged accounts.

Security researchers flagged the issue after analyzing the driver's behavior during and after Fuji Tellus installation. Unlike typical application-level vulnerabilities that require remote exploitation or user interaction, this flaw operates locally at the kernel level. Any user on an affected system—including standard, non-administrative accounts—gains kernel read/write access upon installation of the software. This effectively dismantles operating system permission models, enabling full system compromise from a low-privilege starting point.

System administrators running Fuji Tellus in enterprise or personal environments should prioritize applying vendor-issued patches or mitigation measures. The vulnerability has been documented through vulnerability intelligence platforms including Patchstack, with additional technical analysis available via the linked security advisory. Organizations should assess whether Fuji Tellus deployments are necessary given this attack vector, and if retained, implement immediate compensating controls until a patch is available.