CVE-2026-8398
Possible ATT&CK Techniques 3AI
T1136 · Create Account T1059 · Command and Scripting Interpreter T1195.002 · Compromise Software Supply ChainAffected Version Matrix 1
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| AVB Disc Soft | DAEMON Tools Lite | 12.5.0.2421< 2.6.0.* | affected |
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2026-8398
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
A supply chain attack compromised the official installation packages of DAEMON Tools Lite (Windows versions 12.5.0.2421 through 12.5.0.2434), distributed from the legitimate website daemon-tools.cc between approximately April 8, 2026, and May 5, 2026. Attackers gained unauthorized access to the vendor's (AVB Disc Soft) build or distribution infrastructure and trojanized three binaries: DTHelper.exe, DiscSoftBusServiceLite.exe, and DTShellHlp.exe. These files were digitally signed with the legitimate AVB Disc Soft code-signing certificate, allowing the malicious installers to appear trustworthy and bypass signature-based detection.
Source: NVD (National Vulnerability Database)
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Source: NVD (National Vulnerability Database)
Vulnerability Type
内嵌的恶意代码
Source: NVD (National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| AVB Disc Soft | DAEMON Tools Lite | 12.5.0.2421 ~ 2.6.0.* | - |
II. Public POCs for CVE-2026-8398
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2026-8398
请登录查看更多情报信息。
- https://blog.daemon-tools.cc/post/security-incidentvendor-advisory
- https://nvd.nist.gov/vuln/detail/CVE-2026-8398
IV. Related Vulnerabilities
Same weakness: CWE-506
- CVE-2026-44484
Compromise of PyTorch Lightning PyPi Package Versions - CVE-2026-45321
Malware in 42 @tanstack/* packages exfiltrates cloud credent - CVE-2026-6443
Essentialplugin Plugins (Various Versions) - Injected Backdo - CVE-2026-34424
Smart Slider 3 Pro 3.5.1.35 Supply Chain Attack Remote Acces - CVE-2026-33634
Trivy ecosystem supply chain briefly compromised
V. Comments for CVE-2026-8398
No comments yet