Vulnerabilities > Asrock > Rgbled > High

DATE CVE VULNERABILITY TITLE RISK
2018-10-30 CVE-2018-10712 Incorrect Permission Assignment for Critical Resource vulnerability in Asrock products
The AsrDrv101.sys and AsrDrv102.sys low-level drivers in ASRock RGBLED before v1.0.35.1, A-Tuning before v3.0.210, F-Stream before v3.0.210, and RestartToUEFI before v1.0.6.2 expose functionality to read/write data from/to IO ports.
local
low complexity
asrock CWE-732
7.8
7.8
2018-10-30 CVE-2018-10711 Improper Input Validation vulnerability in Asrock products
The AsrDrv101.sys and AsrDrv102.sys low-level drivers in ASRock RGBLED before v1.0.35.1, A-Tuning before v3.0.210, F-Stream before v3.0.210, and RestartToUEFI before v1.0.6.2 expose functionality to read and write Machine Specific Registers (MSRs).
local
low complexity
asrock CWE-20
7.8
7.8
2018-10-30 CVE-2018-10710 Incorrect Permission Assignment for Critical Resource vulnerability in Asrock products
The AsrDrv101.sys and AsrDrv102.sys low-level drivers in ASRock RGBLED before v1.0.35.1, A-Tuning before v3.0.210, F-Stream before v3.0.210, and RestartToUEFI before v1.0.6.2 expose functionality to read and write arbitrary physical memory.
local
low complexity
asrock CWE-732
7.1
7.1
2018-10-30 CVE-2018-10709 Incorrect Permission Assignment for Critical Resource vulnerability in Asrock products
The AsrDrv101.sys and AsrDrv102.sys low-level drivers in ASRock RGBLED before v1.0.35.1, A-Tuning before v3.0.210, F-Stream before v3.0.210, and RestartToUEFI before v1.0.6.2 expose functionality to read and write CR register values.
local
low complexity
asrock CWE-732
7.8
7.8