← All drivers
vulnerable
Driver

pcdsrvc_x64.sys

PC-Doctor diagnostic toolbox driver (Dell SupportAssist and other OEM utilities)

From PC-Doctor
Part of the PC-Doctor family
Status
On a known-vulnerable list
Known variants
1 distinct hashes
Public CVEs
1
Field notes

pcdsrvc_x64.sys (with its 32-bit sibling pcdsrvc.sys) is the kernel component of PC-Doctor's diagnostic toolbox, an OEM utility most widely known as the engine inside Dell SupportAssist. The same component was embedded in other OEM system-health suites including Corsair Diagnostics and Staples EasyTech. SupportAssist alone shipped preinstalled on a very large share of Dell consumer laptops and desktops.

In 2019, SafeBreach researcher Peleg Hadar disclosed that the driver exposed a device interface that any local user could open, permitting arbitrary physical-memory read and write from a Microsoft-signed kernel driver. That is one of the cleanest possible BYOVD primitives, because the signed driver already exists on millions of machines and any local foothold can use it. The vulnerability is tracked as CVE-2019-12280. PC-Doctor and Dell shipped patched builds in mid-2019.

If you have a Dell laptop with SupportAssist installed (or one of the other affected OEM utilities), the driver is expected. Keep SupportAssist updated through Windows Update or Dell's own updater; if you do not use it, uninstall it.

What the record shows

pcdsrvc_x64.sys is listed as a known-vulnerable driver on the public LOLDrivers project. One distinct binary hash matching this filename is on record.

Public CVEs
What this means, plainly
Presence is not proof of misuse. Driver files on the LOLDrivers list commonly ship with legitimate hardware tools, gaming software, or vendor utilities. Their presence is recorded as evidence on a record. It is never treated as a verdict about a person.
Source

Status data comes from the public LOLDrivers project, a community-curated registry of drivers known to be vulnerable or malicious. The snapshot Vera uses was refreshed July 10, 2026. CVE links go to the NIST National Vulnerability Database.

Cite this entry

Vera Project. “pcdsrvc_x64.sys.” Vera Field Guide (Driver). The Vera Project. https://www.veraproject.xyz/field-guide/drivers/pcdsrvc-x64-sys