Privilege Escalation Vulnerability in ASRock Drivers
CVE-2018-10711

7.8HIGH

Key Information:

Vendor

Asrock

Status
F-stream
A-tuning
Restart To Uefi
Rgbled
Vendor
CVE Published:
30 October 2018

What is CVE-2018-10711?

The low-level drivers in ASRock RGBLED, A-Tuning, F-Stream, and RestartToUEFI prior to specific versions contain vulnerabilities that permit reading and writing of Machine Specific Registers (MSRs). This functionality could potentially be exploited to execute arbitrary code with elevated privileges, posing significant security risks.

References

https://www.secureauth.com/labs/advisories/asrock-drivers...
x_refsource_MISC
https://www.exploit-db.com/exploits/45716/
exploitx_refsource_EXPLOIT-DB

CVSS V3.1

Score:
7.8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.
CVE-2018-10711 : Privilege Escalation Vulnerability in ASRock Drivers