← back
CVE-2018-10709

CVE-2018-10709

EPSS 1.2%
The AsrDrv101.sys and AsrDrv102.sys low-level drivers in ASRock RGBLED before v1.0.35.1, A-Tuning before v3.0.210, F-Stream before v3.0.210, and RestartToUEFI before v1.0.6.2 expose functionality to read and write CR register values. This could be leveraged in a number of ways to ultimately run code with elevated privileges.
Affected products
n/a · n/a
public PoCs found2
cve_referencewww.exploit-db.com/exploits/45716/unverifiedexploitdbwww.exploit-db.com/exploits/45716unverified
⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://www.exploit-db.com/exploits/45716/https://www.secureauth.com/labs/advisories/asrock-drivers-elevation-privilege-vulnerabilities