Improper Access Control in Gigabyte Control Center by GIGABYTE Technology
CVE-2026-9492
8.5HIGH
What is CVE-2026-9492?
The MBStorage DRAM lighting control module within the Gigabyte Control Center has a vulnerability that allows authenticated local attackers to leverage specific IOCTL commands via the MyPortIO_x64.sys driver. This exploitation permits unauthorized read and write access to physical memory, thereby granting potential kernel-level privileges, which could lead to severe system compromise and unauthorized data exposure.
Affected Version(s)
MBStorage 0 <= 26.02.10.01
