Elevation of Privilege Vulnerability in GIGABYTE Drivers
CVE-2018-19322

7.8HIGH

Key Information:

Vendor: Gigabyte
Status: Oc Guru Ii; Aorus Graphics Engine; Xtreme Gaming Engine; App Center
Vendor: CVE Published:; 21 December 2018

Badges

💰 Ransomware👾 Exploit Exists🦅 CISA Reported

What is CVE-2018-19322?

The low-level drivers, GPCIDrv and GDrv, within GIGABYTE applications including APP Center and related graphics utilities, permit unauthorized read/write operations to IO ports. This could be exploited to execute arbitrary code with elevated privileges, posing a significant security risk to users who have these drivers installed.

CISA has reported CVE-2018-19322

CISA provides regional cyber and physical services to support security and resilience across the United States. CISA monitor the most dangerious vulnerabilities and have identifed CVE-2018-19322 as being exploited and is known by the CISA as enabling ransomware campaigns.

The CISA's recommendation is: Apply updates per vendor instructions.

References

http://seclists.org/fulldisclosure/2018/Dec/39

mailing-listx_refsource_FULLDISC

https://www.secureauth.com/labs/advisories/gigabyte-drive...

x_refsource_MISC

http://www.securityfocus.com/bid/106252

vdb-entryx_refsource_BID

CVSS V3.1

Score:

7.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

💰
Used in Ransomware
Oct 24, 2022
👾
Exploit known to exist
Oct 24, 2022
🦅
CISA Reported
Oct 24, 2022
Vulnerability published
Dec 21, 2018
Vulnerability Reserved
Nov 16, 2018

Gigabyte

Badges

What is CVE-2018-19322?

CISA has reported CVE-2018-19322

References

CVSS V3.1

Timeline