CVE-2018-19323
78Vexday Risk Score
Prioritize patching. It under exploitation confirmed by CISA and has a public proof of concept.
ssvc Actcvss 9.8epss 8.5%
from disclosure to weapon2441 days
Published on NVDDec 21
1st PoC+2441d
CISA KEV+1403d
exploitation probability
8.5%top 6% of all CVEs
observed exploitation
yesCISA + VulnCheck
2 public exploit(s)
Action required by CISAfederal deadline: 2022-11-14
Apply updates per vendor instructions.
In short
A flaw in GIGABYTE driver software allows unauthorized programs to read and modify critical processor settings (MSRs), which can lead to complete system compromise and malware installation that is extremely difficult to remove.
Technical detail
The GDrv driver in affected GIGABYTE applications (APP Center ≤1.05.21, AORUS GRAPHICS ENGINE <1.57, XTREME GAMING ENGINE <1.26, OC GURU II ≤2.08) exposes unprivileged MSR read/write operations, enabling local privilege escalation and kernel-level code execution. An attacker with standard user access can modify processor registers to disable security features or gain ring-0 privileges.
Summary generated and translated by AI from the official description.
The GDrv low-level driver in GIGABYTE APP Center v1.05.21 and earlier, AORUS GRAPHICS ENGINE before 1.57, XTREME GAMING ENGINE before 1.26, and OC GURU II v2.08 exposes functionality to read and write Machine Specific Registers (MSRs).
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Affected products
n/a · n/apublic PoCs found — 2
githubgithub.com/blueisbeautiful/CVE-2018-19323★ 0vulncheckvulncheck.com/xdb/27e5e5266901unverified⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.
References
http://seclists.org/fulldisclosure/2018/Dec/39https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2018-19323https://www.gigabyte.com/Support/Security/1801https://www.gigabyte.com/tw/Support/Utility/Graphics-Cardhttps://www.secureauth.com/labs/advisories/gigabyte-drivers-elevation-privilege-vulnerabilitieshttp://www.securityfocus.com/bid/106252