Published: 30/10/2018 Updated: 03/10/2019

CVSS v2 Base Score: 7.2 | Impact Score: 10 | Exploitability Score: 3.9

CVSS v3 Base Score: 7.1 | Impact Score: 5.2 | Exploitability Score: 1.8

VMScore: 725

Vector: AV:L/AC:L/Au:N/C:C/I:C/A:C

The AsrDrv101.sys and AsrDrv102.sys low-level drivers in ASRock RGBLED before v1.0.35.1, A-Tuning before v3.0.210, F-Stream before v3.0.210, and RestartToUEFI before v1.0.6.2 expose functionality to read and write arbitrary physical memory. This could be leveraged by a local malicious user to elevate privileges.

Vulnerable Product	Search on Vulmon	Subscribe to Product
asrock restart to uefi
asrock a-tuning
asrock rgbled
asrock f-stream

SecureAuth - SecureAuth Labs Advisory wwwsecureauthcom/ ASRock Drivers Elevation of Privilege Vulnerabilities 1 *Advisory Information* Title: ASRock Drivers Elevation of Privilege Vulnerabilities Advisory ID: CORE-2018-0005 Advisory URL: wwwsecureauthcom/labs/advisories/asrock-drivers-elevation-privilege-vulnerabilities Date ...

ASRock offers several utilities designed to give the user with an ASRock motherboard more control over certain settings and functions These utilities include various features like the RGB LED control, hardware monitor, fan controls, and overclocking/voltage options Multiple vulnerabilities were found in AsrDrv101sys and AsrDrv102sys low level d ...

CWE-732 https://www.secureauth.com/labs/advisories/asrock-drivers-elevation-privilege-vulnerabilities https://www.exploit-db.com/exploits/45716/https://nvd.nist.gov https://www.exploit-db.com/exploits/45716/

CVE-2018-10710

Vulnerability Summary

Vulnerability Trend

Exploits

References

Vulmon Search

About

Products

Connect