exploitDog

GHSA-vv86-whxx-rv84

Опубликовано: 13 мая 2022

Источник: github

Github: Не прошло ревью

CVSS3: 7.8

Описание

The GPCIDrv and GDrv low-level drivers in GIGABYTE APP Center v1.05.21 and earlier, AORUS GRAPHICS ENGINE before 1.57, XTREME GAMING ENGINE before 1.26, and OC GURU II v2.08 expose functionality to read/write data from/to IO ports. This could be leveraged in a number of ways to ultimately run code with elevated privileges.

The GPCIDrv and GDrv low-level drivers in GIGABYTE APP Center v1.05.21 and earlier, AORUS GRAPHICS ENGINE before 1.57, XTREME GAMING ENGINE before 1.26, and OC GURU II v2.08 expose functionality to read/write data from/to IO ports. This could be leveraged in a number of ways to ultimately run code with elevated privileges.

Ссылки

EPSS

Процентиль: 86%

0.02884

Низкий

7.8 High

CVSS3

CVE ID

Дефекты

CWE-749

Связанные уязвимости

CVE-2018-19322

CVSS3: 7.8

nvd

около 7 лет назад

The GPCIDrv and GDrv low-level drivers in GIGABYTE APP Center v1.05.21 and earlier, AORUS GRAPHICS ENGINE before 1.57, XTREME GAMING ENGINE before 1.26, and OC GURU II v2.08 expose functionality to read/write data from/to IO ports. This could be leveraged in a number of ways to ultimately run code with elevated privileges.

BDU:2022-06642

CVSS3: 7.8

fstec

около 7 лет назад

Уязвимость драйверов GPCIDrv и GDrv программа для настройки видеокарт производства Gigabyte Aorus Engine, программы управления приложениями GIGABYTE App Center, программы мониторинга состояния видеокарт Extreme Gaming Engine, позволяющая нарушителю выполнить произвольный код

EPSS

Процентиль: 86%

0.02884

Низкий

7.8 High

CVSS3

CVE ID

Дефекты

CWE-749