CVE-2018-19323
CVE-2018-19323
In short
A flaw in GIGABYTE driver software allows unauthorized programs to read and modify critical processor settings (MSRs), which can lead to complete system compromise and malware installation that is extremely difficult to remove.
Technical detail
The GDrv driver in affected GIGABYTE applications (APP Center ≤1.05.21, AORUS GRAPHICS ENGINE <1.57, XTREME GAMING ENGINE <1.26, OC GURU II ≤2.08) exposes unprivileged MSR read/write operations, enabling local privilege escalation and kernel-level code execution. An attacker with standard user access can modify processor registers to disable security features or gain ring-0 privileges.
Summary generated and translated by AI from the official description.
The GDrv low-level driver in GIGABYTE APP Center v1.05.21 and earlier, AORUS GRAPHICS ENGINE before 1.57, XTREME GAMING ENGINE before 1.26, and OC GURU II v2.08 exposes functionality to read and write Machine Specific Registers (MSRs).
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Affected products
n/a · n/apublic PoCs found — 1
githubgithub.com/blueisbeautiful/CVE-2018-19323★ 0⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.
Want to know if your infrastructure is exposed to this?
Talk to TrueHacking →References
http://seclists.org/fulldisclosure/2018/Dec/39https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2018-19323https://www.gigabyte.com/Support/Security/1801https://www.gigabyte.com/tw/Support/Utility/Graphics-Cardhttps://www.secureauth.com/labs/advisories/gigabyte-drivers-elevation-privilege-vulnerabilitieshttp://www.securityfocus.com/bid/106252