CVE-2018-19321
Description
The GPCIDrv and GDrv low-level drivers in GIGABYTE APP Center v1.05.21 and earlier, AORUS GRAPHICS ENGINE before 1.57, XTREME GAMING ENGINE before 1.26, and OC GURU II v2.08 expose functionality to read and write arbitrary physical memory. This could be leveraged by a local attacker to elevate privileges.
Risk Information
Base Score
7.8
MODERATE
Vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
EPSS Score
Exploitation Probability
40.03
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Vulnerabilities CVE-2018-19320,CVE-2018-19321,CVE-2018-19322 are affected in Xtreme gaming Engine 1.25 | Windows |
| Vulnerabilities CVE-2018-19320,CVE-2018-19321,CVE-2018-19322 are affected in OC Guru II 2.08 | Windows |
| Vulnerabilities CVE-2018-19320,CVE-2018-19321,CVE-2018-19322 are affected in Gigabyte App Center v1.05.21 | Windows |
| Vulnerabilities CVE-2018-19320,CVE-2018-19321,CVE-2018-19322 are affected in Aorus graphics Engine 1.33 | Windows |
Patch Details
No records foundReferences
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234