Vulnerabilities > CVE-2018-19323 - Unspecified vulnerability in Gigabyte products
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
HIGH Integrity impact
HIGH Availability impact
HIGH Summary
The GDrv low-level driver in GIGABYTE APP Center v1.05.21 and earlier, AORUS GRAPHICS ENGINE before 1.57, XTREME GAMING ENGINE before 1.26, and OC GURU II v2.08 exposes functionality to read and write Machine Specific Registers (MSRs).
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 5 |
Packetstorm
data source | https://packetstormsecurity.com/files/download/150894/CORE-2018-0007.txt |
id | PACKETSTORM:150894 |
last seen | 2018-12-25 |
published | 2018-12-21 |
reporter | Core Security Technologies |
source | https://packetstormsecurity.com/files/150894/GIGABYTE-Driver-Privilege-Escalation.html |
title | GIGABYTE Driver Privilege Escalation |
References
- http://seclists.org/fulldisclosure/2018/Dec/39
- http://seclists.org/fulldisclosure/2018/Dec/39
- http://www.securityfocus.com/bid/106252
- http://www.securityfocus.com/bid/106252
- https://www.gigabyte.com/Support/Security/1801
- https://www.gigabyte.com/Support/Security/1801
- https://www.gigabyte.com/tw/Support/Utility/Graphics-Card
- https://www.gigabyte.com/tw/Support/Utility/Graphics-Card
- https://www.secureauth.com/labs/advisories/gigabyte-drivers-elevation-privilege-vulnerabilities
- https://www.secureauth.com/labs/advisories/gigabyte-drivers-elevation-privilege-vulnerabilities