Vulnerabilities > CVE-2018-19320 - Unspecified vulnerability in Gigabyte products

047910
CVSS 7.8 - HIGH
Attack vector
LOCAL
Attack complexity
LOW
Privileges required
LOW
Confidentiality impact
HIGH
Integrity impact
HIGH
Availability impact
HIGH
local
low complexity
gigabyte

Summary

The GDrv low-level driver in GIGABYTE APP Center v1.05.21 and earlier, AORUS GRAPHICS ENGINE before 1.57, XTREME GAMING ENGINE before 1.26, and OC GURU II v2.08 exposes ring0 memcpy-like functionality that could allow a local attacker to take complete control of the affected system.

Packetstorm

data sourcehttps://packetstormsecurity.com/files/download/150894/CORE-2018-0007.txt
idPACKETSTORM:150894
last seen2018-12-25
published2018-12-21
reporterCore Security Technologies
sourcehttps://packetstormsecurity.com/files/150894/GIGABYTE-Driver-Privilege-Escalation.html
titleGIGABYTE Driver Privilege Escalation