Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
9.8
CVSSv3

CVE-2018-19323

Published: 21/12/2018 Updated: 19/05/2020
CVSS v2 Base Score: 9 | Impact Score: 8.5 | Exploitability Score: 10
CVSS v3 Base Score: 9.8 | Impact Score: 5.9 | Exploitability Score: 3.9
VMScore: 802
Vector: AV:N/AC:L/Au:N/C:P/I:P/A:C
Subscribe to Gigabyte

Vulnerability Summary

The GDrv low-level driver in GIGABYTE APP Center v1.05.21 and previous versions, AORUS GRAPHICS ENGINE prior to 1.57, XTREME GAMING ENGINE prior to 1.26, and OC GURU II v2.08 exposes functionality to read and write Machine Specific Registers (MSRs).

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

gigabyte aorus graphics engine

gigabyte xtreme gaming engine

gigabyte gigabyte app center

gigabyte oc guru ii 2.08

Exploits

Exploit DB: GIGABYTE Driver Privilege Escalation
Multiple vulnerabilities were found in the GPCIDrv and GDrv drivers as bundled with several GIGABYTE and AORUS branded motherboard and graphics card utilities, which could allow a local attacker to elevate privileges Affected versions include GIGABYTE APP Center 10521 and below, AORUS GRAPHICS ENGINE 133 and below, XTREME GAMING ENGINE 125 and ...

Github Repositories

https://github.com/BKreisel/CVE-2018-1932X

Rust POC for CVE-2018-1932X kernel driver vulnerabilities

CVE-2018-1932X ( Rust Exploit POC) for GIGABYTE APP Center v10521 and earlier Just because your target is memory unsafe doesn't mean your exploit has to be! Vulnerabilities used : CVE-2018-19320 - ring0 memcpy-like functionality CVE-2018-19323 - read and write Machine Specific Registers (MSRs) Tested on: 20H1: Windows 10 Kernel Version 19041 MP (1 procs) Free x64

https://github.com/xct/windows-kernel-exploits

Some of my windows kernel exploits for learning purposes

Windows-Exploits Some kernel exploits I used to learn about the topic, mainly for OSEE These probably contain code snippets from other exploits - if I missed references/authors please send me a message and I'll add them Kernel HEVD Most exploits are vs Win10 1909 x64 targetting githubcom/hacksysteam/HackSysExtremeVulnerableDriver StackOverflow (Medium Integr

References

NVD-CWE-noinfohttps://www.secureauth.com/labs/advisories/gigabyte-drivers-elevation-privilege-vulnerabilitieshttp://www.securityfocus.com/bid/106252http://seclists.org/fulldisclosure/2018/Dec/39https://www.gigabyte.com/tw/Support/Utility/Graphics-Cardhttps://www.gigabyte.com/Support/Security/1801https://nvd.nist.govhttps://github.com/BKreisel/CVE-2018-1932Xhttps://packetstormsecurity.com/files/150894/GIGABYTE-Driver-Privilege-Escalation.html
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
XXECVE-2024-34490SQL injectionCVE-2024-34488CVE-2024-4507CVE-2023-7028CVE-2024-23187TCPCVE-2024-4439
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook