Stack-Based Buffer Overflow in Bluetooth ACPI Drivers by Dynabook Inc.
CVE-2026-35553

8.4HIGH

Key Information:

Vendor: Dynabook Inc.
Status: Tosrfec.sys; Drfec.sys
Vendor: CVE Published:; 13 April 2026

🔔 Create Dynabook Inc. Vulnerability Alert

What is CVE-2026-35553?

The Bluetooth ACPI Drivers developed by Dynabook Inc. are susceptible to a stack-based buffer overflow vulnerability. This can allow an attacker to execute arbitrary code by manipulating specific registry values. It is critical for users to ensure that their systems are updated to mitigate potential risks associated with this vulnerability.

Affected Version(s)

DRFEC.SYS v11.0.0.0 and earlier

TOSRFEC.SYS all versions

References

https://global.sharp/corporate/info/product-security/advi...

https://corporate.jp.sharp/info/product-security/advisory...

https://jvn.jp/en/vu/JVNVU96334293/

CVSS V4

Score:

8.4

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

None

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Apr 13, 2026
Vulnerability Reserved
Apr 3, 2026

CVE-2026-35553 Data

JSON