CVE-2026-3609 PUBLISHED

XIGNCODE3 xhunter1.sys kernel driver contains a Privilege Escalation Vulnerability

Assigner: certcc
Reserved: 05.03.2026 Published: 11.05.2026 Updated: 11.05.2026

Wellbia's XIGNCODE3 xhunter1.sys kernel driver Privilege Escalation Vulnerability provides access to IRP_MJ_REITS command interface, which allows any user process to request a PROCESS_ALL_ACCESS. Cross reference to KVE 2023-5589 (https://krcert.or.kr)

Product Status

Vendor	Wellbia
Product	XIGNCODE3 Anti-Cheat
Versions	Version 10.0.10011.16384 is affected

References

https://crcert.or.kr
https://blacksnufkin.github.io/posts/AntiCheat-LPE-CVE-2026-3609/

Problem Types

CWE-269 Improper Privilege Management
CWE-732 Incorrect Permission Assignment for Critical Resource
CWE-284 Improper Access Control
CWE-266 Incorrect Privilege Assignment