RSS   Vulnerabilities for 'App center'   RSS

2020-03-25
 
CVE-2019-7630

CWE-665
 

 
An issue was discovered in gdrv.sys in Gigabyte APP Center before 19.0227.1. The vulnerable driver exposes a wrmsr instruction via IOCTL 0xC3502580 and does not properly filter the target Model Specific Register (MSR). Allowing arbitrary MSR writes can lead to Ring-0 code execution and escalation of privileges.

 
2018-12-21
 
CVE-2018-19322

CWE-749
 

 
The GPCIDrv and GDrv low-level drivers in GIGABYTE APP Center v1.05.21 and earlier, AORUS GRAPHICS ENGINE before 1.57, XTREME GAMING ENGINE before 1.26, and OC GURU II v2.08 expose functionality to read/write data from/to IO ports. This could be leveraged in a number of ways to ultimately run code with elevated privileges.

 
 
CVE-2018-19321

CWE-noinfo
 

 
The GPCIDrv and GDrv low-level drivers in GIGABYTE APP Center v1.05.21 and earlier, AORUS GRAPHICS ENGINE before 1.57, XTREME GAMING ENGINE before 1.26, and OC GURU II v2.08 expose functionality to read and write arbitrary physical memory. This could be leveraged by a local attacker to elevate privileges.

 
 
CVE-2018-19320

CWE-668
 

 
The GDrv low-level driver in GIGABYTE APP Center v1.05.21 and earlier, AORUS GRAPHICS ENGINE before 1.57, XTREME GAMING ENGINE before 1.26, and OC GURU II v2.08 exposes ring0 memcpy-like functionality that could allow a local attacker to take complete control of the affected system.

 

 >>> Vendor: Gigabyte 9 Products
Gn-b46b
Dldrv2 activex control
Gb-bsi7h-6500 firmware
Gb-bxi7-5775 firmware
Aorus graphics engine
App center
Oc guru ii
Xtreme gaming engine
Gigabyte app center


Copyright 2020, cxsecurity.com

 

Back to Top