Diego Juarez

**Name of the Vulnerable Software and Affected Versions** ASUS Aura Sync versions 1.07.22 and earlier **Description** The issue in ASUS Aura Sync allows for the exposure of functionality to read and write Machine Specific Registers (MSRs), which could potentially be used to execute arbitrary ring-0 code. **Recommendations** For versions 1.07.22 and earlier, update to a version later than 1.07.22 to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** ASUS Aura Sync versions 1.07.22 and earlier **Description** The issue concerns the GLCKIo low-level driver in ASUS Aura Sync, which allows writing an arbitrary DWORD to an arbitrary address. **Recommendations** For versions 1.07.22 and earlier, update to a version later than 1.07.22 to resolve the issue.

**Name of the Vulnerable Software and Affected Versions** GIGABYTE APP Center versions 1.05.21 and earlier AORUS GRAPHICS ENGINE versions prior to 1.57 XTREME GAMING ENGINE versions prior to 1.26 OC GURU II version 2.08 and earlier **Description** The issue is related to the GPCIDrv and GDrv low-level drivers, which expose functionality to read and write arbitrary physical memory due to an open IOCTL with insufficient access control. This could be leveraged by a local attacker to elevate privileges. **Recommendations** For GIGABYTE APP Center versions 1.05.21 and earlier, update to a version later than 1.05.21. For AORUS GRAPHICS ENGINE versions prior to 1.57, update to version 1.57 or later. For XTREME GAMING ENGINE versions prior to 1.26, update to version 1.26 or later. For OC GURU II version 2.08 and earlier, update to a version later than 2.08.

**Name of the Vulnerable Software and Affected Versions** GIGABYTE APP Center versions 1.05.21 and earlier AORUS GRAPHICS ENGINE versions prior to 1.57 XTREME GAMING ENGINE versions prior to 1.26 OC GURU II version 2.08 and earlier GIGABYTE Multiple Products (affected versions not specified) **Description** The issue is related to insufficient access control in the GDrv driver, which is part of various GIGABYTE programs, including Aorus Engine, GIGABYTE App Center, and Extreme Gaming Engine. This could allow an attacker to execute arbitrary code, potentially taking complete control of the affected system. The vulnerability is associated with the low-level driver in these applications, exposing ring0 memcpy-like functionality. **Recommendations** For GIGABYTE APP Center versions 1.05.21 and earlier, update to a version later than 1.05.21. For AORUS GRAPHICS ENGINE versions prior to 1.57, update to version 1.57 or later. For XTREME GAMING ENGINE versions prior to 1.26, update to version 1.26 or later. For OC GURU II version 2.08 and earlier, update to a version later than 2.08. As a temporary workaround, consider restricting access to the GDrv driver until a patch is available.

**Name of the Vulnerable Software and Affected Versions** GIGABYTE APP Center versions 1.05.21 and earlier AORUS GRAPHICS ENGINE versions prior to 1.57 XTREME GAMING ENGINE versions prior to 1.26 OC GURU II version 2.08 and earlier **Description** The issue is related to errors in the implementation of methods and functions in the GPCIDrv and GDrv drivers used by various Gigabyte programs, including the Aorus Engine, GIGABYTE App Center, and Extreme Gaming Engine. This could allow an attacker to execute arbitrary code, potentially leading to elevated privileges. The vulnerability exposes functionality to read/write data from/to IO ports, which could be leveraged to run code with elevated privileges. **Recommendations** For GIGABYTE APP Center versions 1.05.21 and earlier, update to a version later than 1.05.21. For AORUS GRAPHICS ENGINE versions prior to 1.57, update to version 1.57 or later. For XTREME GAMING ENGINE versions prior to 1.26, update to version 1.26 or later. For OC GURU II version 2.08 and earlier, update to a version later than 2.08.

**Name of the Vulnerable Software and Affected Versions** ASRock RGBLED versions prior to 1.0.35.1 A-Tuning versions prior to 3.0.210 F-Stream versions prior to 3.0.210 RestartToUEFI versions prior to 1.0.6.2 **Description** The issue concerns the exposure of functionality to read and write CR register values through low-level drivers in several software products. This could potentially be leveraged to run code with elevated privileges. **Recommendations** For ASRock RGBLED versions prior to 1.0.35.1, update to version 1.0.35.1 or later. For A-Tuning versions prior to 3.0.210, update to version 3.0.210 or later. For F-Stream versions prior to 3.0.210, update to version 3.0.210 or later. For RestartToUEFI versions prior to 1.0.6.2, update to version 1.0.6.2 or later.

**Name of the Vulnerable Software and Affected Versions** ASRock RGBLED versions prior to 1.0.35.1 A-Tuning versions prior to 3.0.210 F-Stream versions prior to 3.0.210 RestartToUEFI versions prior to 1.0.6.2 **Description** The issue concerns the exposure of functionality to read/write data from/to IO ports by low-level drivers in several software products. This could potentially be leveraged to run code with elevated privileges. **Recommendations** For ASRock RGBLED versions prior to 1.0.35.1, update to version 1.0.35.1 or later. For A-Tuning versions prior to 3.0.210, update to version 3.0.210 or later. For F-Stream versions prior to 3.0.210, update to version 3.0.210 or later. For RestartToUEFI versions prior to 1.0.6.2, update to version 1.0.6.2 or later.

**Name of the Vulnerable Software and Affected Versions** ASRock RGBLED versions prior to 1.0.35.1 A-Tuning versions prior to 3.0.210 F-Stream versions prior to 3.0.210 RestartToUEFI versions prior to 1.0.6.2 **Description** The issue allows a local attacker to elevate privileges by leveraging the exposed functionality of the AsrDrv101.sys and AsrDrv102.sys low-level drivers to read and write arbitrary physical memory. **Recommendations** For ASRock RGBLED versions prior to 1.0.35.1, update to version 1.0.35.1 or later. For A-Tuning versions prior to 3.0.210, update to version 3.0.210 or later. For F-Stream versions prior to 3.0.210, update to version 3.0.210 or later. For RestartToUEFI versions prior to 1.0.6.2, update to version 1.0.6.2 or later.

Name of the Vulnerable Software and Affected Versions: Worldweaver DX Studio Player versions prior to 3.0.29.1 Description: The issue allows remote attackers to execute arbitrary commands via a .dxstudio file that invokes the `shell.execute` JavaScript API method, due to a lack of access restriction to this method when the player is used as a plug-in for Firefox. Recommendations: For versions prior to 3.0.29.1, consider disabling the `shell.execute` JavaScript API method as a temporary workaround until a patch is available. Restrict access to .dxstudio files that may invoke this method to minimize the risk of exploitation.