Elevation of Privilege Vulnerability in GIGABYTE Drivers
CVE-2018-19322

7.8HIGH

Key Information:

Vendor

Gigabyte

Status
Oc Guru Ii
Aorus Graphics Engine
Xtreme Gaming Engine
App Center
Vendor
CVE Published:
21 December 2018

Badges

πŸ’° RansomwareπŸ‘Ύ Exploit ExistsπŸ¦… CISA Reported

What is CVE-2018-19322?

The low-level drivers, GPCIDrv and GDrv, within GIGABYTE applications including APP Center and related graphics utilities, permit unauthorized read/write operations to IO ports. This could be exploited to execute arbitrary code with elevated privileges, posing a significant security risk to users who have these drivers installed.

CISA has reported CVE-2018-19322

CISA provides regional cyber and physical services to support security and resilience across the United States. CISA monitor the most dangerious vulnerabilities and have identifed CVE-2018-19322 as being exploited and is known by the CISA as enabling ransomware campaigns.

The CISA's recommendation is: Apply updates per vendor instructions.

References

http://seclists.org/fulldisclosure/2018/Dec/39
mailing-listx_refsource_FULLDISC
https://www.secureauth.com/labs/advisories/gigabyte-drive...
x_refsource_MISC
http://www.securityfocus.com/bid/106252
vdb-entryx_refsource_BID

CVSS V3.1

Score:
7.8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • πŸ’°

    Used in Ransomware

  • πŸ‘Ύ

    Exploit known to exist

  • πŸ¦…

    CISA Reported

  • Vulnerability published

  • Vulnerability Reserved

JSON
.
CVE-2018-19322 : Elevation of Privilege Vulnerability in GIGABYTE Drivers