PT-2018-3844 · Gigabyte · Xtreme Gaming Engine+3
Publicado
2018-12-21
·
Atualizado
2025-03-14
·
CVE-2018-19323
CVSS v3.1
9.8
Crítica
| Vetor | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
GIGABYTE APP Center versions 1.05.21 and earlier
AORUS GRAPHICS ENGINE versions before 1.57
XTREME GAMING ENGINE versions before 1.26
OC GURU II version 2.08
Description
The issue is related to the GDrv low-level driver, which exposes functionality to read and write Machine Specific Registers (MSRs). This is due to insufficient access control, allowing an attacker to potentially execute arbitrary code.
Recommendations
For GIGABYTE APP Center versions 1.05.21 and earlier, update to a version later than 1.05.21.
For AORUS GRAPHICS ENGINE versions before 1.57, update to version 1.57 or later.
For XTREME GAMING ENGINE versions before 1.26, update to version 1.26 or later.
For OC GURU II version 2.08, update to a version later than 2.08.
Exploit
Correção
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Aorus Graphics Engine
Gigabyte App Center
Oc Guru Ii
Xtreme Gaming Engine