7.8
CVE-2018-19321
- EPSS 40.03%
- Veröffentlicht 21.12.2018 23:29:00
- Zuletzt bearbeitet 07.11.2025 19:09:42
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
LoginThe GPCIDrv and GDrv low-level drivers in GIGABYTE APP Center v1.05.21 and earlier, AORUS GRAPHICS ENGINE before 1.57, XTREME GAMING ENGINE before 1.26, and OC GURU II v2.08 expose functionality to read and write arbitrary physical memory. This could be leveraged by a local attacker to elevate privileges.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Gigabyte ≫ Aorus Graphics Engine Version < 1.57
Gigabyte ≫ App Center Version < 19.0422.1
Gigabyte ≫ Oc Guru Ii Version2.08
Gigabyte ≫ Xtreme Gaming Engine Version < 1.26
24.10.2022: CISA Known Exploited Vulnerabilities (KEV) Catalog
GIGABYTE Multiple Products Privilege Escalation Vulnerability
SchwachstelleThe GPCIDrv and GDrv low-level drivers in GIGABYTE App Center, AORUS Graphics Engine, XTREME Gaming Engine, and OC GURU II expose functionality to read and write arbitrary physical memory. This could be leveraged by a local attacker to elevate privileges.
BeschreibungApply updates per vendor instructions.
Erforderliche Maßnahmen| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 40.03% | 0.972 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 7.8 | 1.8 | 5.9 |
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
|
| nvd@nist.gov | 7.2 | 3.9 | 10 |
AV:L/AC:L/Au:N/C:C/I:C/A:C
|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 7.8 | 1.8 | 5.9 |
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
|