CVE-2026-8398
Possible ATT&CK Techniques 3AI
T1136 · Create Account T1059 · Command and Scripting Interpreter T1195.002 · Compromise Software Supply ChainAffected Version Matrix 1
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| AVB Disc Soft | DAEMON Tools Lite | 12.5.0.2421< 2.6.0.* | affected |
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2026-8398
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
A supply chain attack compromised the official installation packages of DAEMON Tools Lite (Windows versions 12.5.0.2421 through 12.5.0.2434), distributed from the legitimate website daemon-tools.cc between approximately April 8, 2026, and May 5, 2026. Attackers gained unauthorized access to the vendor's (AVB Disc Soft) build or distribution infrastructure and trojanized three binaries: DTHelper.exe, DiscSoftBusServiceLite.exe, and DTShellHlp.exe. These files were digitally signed with the legitimate AVB Disc Soft code-signing certificate, allowing the malicious installers to appear trustworthy and bypass signature-based detection.
Source: NVD (National Vulnerability Database)
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Source: NVD (National Vulnerability Database)
Vulnerability Type
内嵌的恶意代码
Source: NVD (National Vulnerability Database)
Vulnerability Title
Disc Soft DAEMON Tools Lite 安全漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
Disc Soft DAEMON Tools Lite是Disc Soft公司的一款支持光盘镜像挂载、虚拟光驱创建与镜像文件管理的软件。 Disc Soft DAEMON Tools Lite 12.5.0.2421版本至12.5.0.2434版本存在安全漏洞,该漏洞源于供应链攻击,攻击者未经授权访问供应商构建或分发基础设施,将三个二进制文件植入木马,这些文件使用合法代码签名证书签名,使恶意安装程序看似可信并绕过基于签名的检测。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| AVB Disc Soft | DAEMON Tools Lite | 12.5.0.2421 ~ 2.6.0.* | - |
II. Public POCs for CVE-2026-8398
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2026-8398
请登录查看更多情报信息。
- https://blog.daemon-tools.cc/post/security-incidentvendor-advisory
- https://nvd.nist.gov/vuln/detail/CVE-2026-8398
IV. Related Vulnerabilities
Same weakness: CWE-506
- CVE-2026-44484
Compromise of PyTorch Lightning PyPi Package Versions - CVE-2026-45321
Malware in 42 @tanstack/* packages exfiltrates cloud credent - CVE-2026-6443
Essentialplugin Plugins (Various Versions) - Injected Backdo - CVE-2026-34424
Smart Slider 3 Pro 3.5.1.35 Supply Chain Attack Remote Acces - CVE-2026-33634
Trivy ecosystem supply chain briefly compromised
V. Comments for CVE-2026-8398
No comments yet