PT-2026-57623 · Gigabyte · Mbstorage

Published

2026-07-13

·

Updated

2026-07-13

·

CVE-2026-9492

CVSS v3.1

7.8

High

VectorAV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
The MBStorage DRAM lighting control module within Gigabyte Control Center (GCC) developed by GIGABYTE Technology has an Improper Access Control vulnerability. Authenticated local attackers can send specific IOCTL commands through the driver MyPortIO x64.sys bundled with the module, thereby arbitrarily reading and writing physical memory and obtaining kernel-level privileges.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

Weakness Enumeration

Related Identifiers

CVE-2026-9492

Affected Products

Mbstorage