Vulnerabilities > Asrock
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-07-23 | CVE-2020-14032 | Improper Privilege Management vulnerability in Asrock Box-R1000 Firmware ASRock 4x4 BOX-R1000 before BIOS P1.40 allows privilege escalation via code execution in the SMM. | 9.8 |
| 2020-06-29 | CVE-2020-15368 | Unspecified vulnerability in Asrock RGB Driver Firmware AsrDrv103.sys in the ASRock RGB Driver does not properly restrict access from user space, as demonstrated by triggering a triple fault via a request to zero CR3. | 5.5 |
| 2018-10-30 | CVE-2018-10712 | Incorrect Permission Assignment for Critical Resource vulnerability in Asrock products The AsrDrv101.sys and AsrDrv102.sys low-level drivers in ASRock RGBLED before v1.0.35.1, A-Tuning before v3.0.210, F-Stream before v3.0.210, and RestartToUEFI before v1.0.6.2 expose functionality to read/write data from/to IO ports. | 7.8 |
| 2018-10-30 | CVE-2018-10711 | Improper Input Validation vulnerability in Asrock products The AsrDrv101.sys and AsrDrv102.sys low-level drivers in ASRock RGBLED before v1.0.35.1, A-Tuning before v3.0.210, F-Stream before v3.0.210, and RestartToUEFI before v1.0.6.2 expose functionality to read and write Machine Specific Registers (MSRs). | 7.8 |
| 2018-10-30 | CVE-2018-10710 | Incorrect Permission Assignment for Critical Resource vulnerability in Asrock products The AsrDrv101.sys and AsrDrv102.sys low-level drivers in ASRock RGBLED before v1.0.35.1, A-Tuning before v3.0.210, F-Stream before v3.0.210, and RestartToUEFI before v1.0.6.2 expose functionality to read and write arbitrary physical memory. | 7.1 |
| 2018-10-30 | CVE-2018-10709 | Incorrect Permission Assignment for Critical Resource vulnerability in Asrock products The AsrDrv101.sys and AsrDrv102.sys low-level drivers in ASRock RGBLED before v1.0.35.1, A-Tuning before v3.0.210, F-Stream before v3.0.210, and RestartToUEFI before v1.0.6.2 expose functionality to read and write CR register values. | 7.8 |