Industrial control software vulnerability allows users to gain system-level access through exposed kernel driver permissions.
- Fuji Electric Tellus 5.0.2 contains a high-severity privilege escalation vulnerability (CVE-2026-8108)
- The flaw stems from a kernel driver that grants all users read and write permissions upon installation
- CISA recommends installing Tellus only with administrator privileges as a temporary mitigation
The Cybersecurity and Infrastructure Security Agency has issued an advisory warning of a high-severity vulnerability in Fuji Electric’s Tellus industrial control software that could allow attackers to escalate privileges from user to system level.
The vulnerability, tracked as CVE-2026-8108, affects Tellus version 5.0.2 and has been assigned a CVSS score of 7.8. According to CISA’s advisory published on 12 May, the flaw occurs because the software’s installation process adds a kernel driver that grants all users read and write permissions.
Successful exploitation could enable an attacker to cause temporary denial of service conditions, open files, or delete files on affected systems. The vulnerability was discovered and reported by Kim Myung-gyu of Trend Micro Zero Day Initiative.
Fuji Electric Tellus is deployed worldwide across critical manufacturing sectors. The software is used for industrial control system monitoring and management in manufacturing environments.
The vulnerability is classified under CWE-749 (Exposed Dangerous Method or Function), indicating that the software exposes functionality that should be restricted to privileged users. The CVSS vector string CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H indicates local access is required, but the attack complexity is low and requires only low-level privileges.
As a temporary mitigation, Fuji Electric recommends that Tellus be installed only with administrator privileges. However, this appears to be a workaround rather than a permanent fix for the underlying kernel driver permissions issue.
CISA has not indicated whether a software patch is available from Fuji Electric to address the root cause of the vulnerability. The agency recommends that organisations perform proper impact analysis and risk assessment before deploying defensive measures.
Why It Matters
This vulnerability poses significant risk to manufacturing organisations using Fuji Electric Tellus, as successful exploitation could lead to complete system compromise. For CISOs overseeing critical manufacturing environments, the flaw represents a pathway for lateral movement and potential operational disruption.
The local access requirement means attackers would need initial foothold on systems, but the low complexity and privilege requirements make exploitation straightforward once access is gained. Given the worldwide deployment across critical manufacturing sectors, this could affect supply chain operations and regulatory compliance requirements.
What To Do Now
- Review your environment for Fuji Electric Tellus 5.0.2 installations and implement administrator-only installation practices as recommended
- Conduct impact analysis and risk assessment before deploying additional defensive measures as advised by CISA
- Monitor for updates from Fuji Electric regarding a permanent patch for the kernel driver permissions issue
- Review access controls and monitoring for systems running Tellus to detect potential privilege escalation attempts
