Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in

CVE-2018-10712

🗓️ 30 Oct 2018 18:00:00Reported by mitreType 
cve
 cve🔗 web.nvd.nist.gov👁 64 Views🌐 WEB

The ASRock RGBLED, A-Tuning, F-Stream, and RestartToUEFI drivers before v1.0.35.1 and v3.0.210 allows unauthorized access for elevated privileges

Related
Detection
Refs
Paths
ReporterTitlePublishedViews
Family
0day.today		ASRock Drivers Privilege Escalation / Code Execution Exploit
28 Oct 201800:00
zdt
Circl		CVE-2018-10712
29 Oct 201817:54
circl
Cvelist		CVE-2018-10712
30 Oct 201818:00
cvelist
Exploit DB		ASRock Drivers - Privilege Escalation
29 Oct 201800:00
exploitdb
EUVD		EUVD-2018-2782
7 Oct 202500:30
euvd
exploitpack		ASRock Drivers - Privilege Escalation
29 Oct 201800:00
exploitpack
NVD		CVE-2018-10712
30 Oct 201818:29
nvd
OSV		CVE-2018-10712
30 Oct 201818:29
osv
Packet Storm		ASRock Drivers Privilege Escalation / Code Execution
27 Oct 201800:00
packetstorm
Prion		Code injection
30 Oct 201818:29
prion
Rows per page
NVD
Node
asrocka-tuningRange<3.0.210
OR
asrockf-streamRange<3.0.210
OR
asrockrestart_to_uefiRange<1.0.6.2
OR
asrockrgbledRange<1.0.35.1
ParameterPositionPathDescriptionCWE
IOCTL_ASROCK_READCRbinary\\.\AsrDrv101Exposed IOCTLs to read/write CR registers via AsrDrv101 driver (CR access POA).CWE-782
regbinary\\.\AsrDrv101Exposed IOCTLs to read/write CR registers via AsrDrv101 driver (CR access POA).CWE-782
valuebinary\\.\AsrDrv101Exposed IOCTLs to read/write CR registers via AsrDrv101 driver (CR access POA).CWE-782
IOCTL_ASROCK_WRITECRbinary\\.\AsrDrv101Exposed IOCTLs to read/write CR registers via AsrDrv101 driver (CR access POA).CWE-782
IOCTL_ASROCK_WRITEPHbinary\\.\AsrDrv101Exposed IOCTL to arbitrary physical memory read/write via AsrDrv101 driver.CWE-782
destPhysicalbinary\\.\AsrDrv101Exposed IOCTL to arbitrary physical memory read/write via AsrDrv101 driver.CWE-782
sizebinary\\.\AsrDrv101Exposed IOCTL to arbitrary physical memory read/write via AsrDrv101 driver.CWE-782
unk0binary\\.\AsrDrv101Exposed IOCTL to arbitrary physical memory read/write via AsrDrv101 driver.CWE-782
srcbinary\\.\AsrDrv101Exposed IOCTL to arbitrary physical memory read/write via AsrDrv101 driver.CWE-782
IOCTL_ASROCK_RDMSRbinary\\.\AsrDrv101Exposed IOCTLs to MSR read/write via AsrDrv101 driver.CWE-782
Rows per page

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

Book a live demo
21 Nov 2024 03:41Current
7.1High risk
Vulners AI Score7.1
CVSS 27.2
CVSS 37.8
EPSS0.00535
CWE-732
asrock rgbleda-tuningf-streamrestarttouefidriver vulnerabilityelevated privilegescve-2018-10712
64