32 matches found
CVE-2019-7630
An issue was discovered in gdrv.sys in Gigabyte APP Center before 19.0227.1. The vulnerable driver exposes a wrmsr instruction via IOCTL 0xC3502580 and does not properly filter the target Model Specific Register MSR. Allowing arbitrary MSR writes can lead to Ring-0 code execution and escalation o...
EUVD-2019-17163
Malware in sbrugna...
GIGABYTE APP Center < 19.4.22.1 Multiple Vulnerabilities
The version of GIGABYTE APP Center installed on the remote host is prior to 19.4.22.1. It is, therefore, affected by multiple vulnerabilities as referenced in GIGABYTE security advisory 1801: - The GDrv low-level driver in GIGABYTE APP Center v1.05.21 and earlier, AORUS GRAPHICS ENGINE before 1.5...
GIGABYTE OC GURU II 2.08 Multiple Vulnerabilities
The version of GIGABYTE OC GURU II installed on the remote host is 2.08. It is, therefore, affected by multiple vulnerabilities as referenced in GIGABYTE security advisory 1801: - The GDrv low-level driver in GIGABYTE APP Center v1.05.21 and earlier, AORUS GRAPHICS ENGINE before 1.57, XTREME GAMI...
GIGABYTE APP CENTER Installed (Windows)
Binary data gigabyteappcenterwininstalled.nbin...
Vulnerability of the GDrv driver – a program for configuring Gigabyte Aorus Engine graphics cards. The GIGABYTE App Center, a program for managing applications. The Extreme Gaming Engine, a program for monitoring the status of graphics cards. It allows a hacker to execute arbitrary code.
The vulnerability of the GDrv driver, a program for configuring Gigabyte Aorus Engine graphics cards, the GIGABYTE App Center, and the Extreme Gaming Engine status monitoring program is related to access control deficiencies. Exploiting this vulnerability can allow an attacker to execute arbitrar...
The vulnerabilities of the GPCIDrv and GDrv drivers allow attackers to execute arbitrary code. These drivers are used by the Gigabyte Aorus Engine video card configuration program, the GIGABYTE App Center for application management, and the Extreme Gaming Engine for video card status monitoring.
The vulnerability of the GPCIDrv and GDrv drivers is related to the open IOCTL mechanism, which lacks sufficient access control. Exploiting this vulnerability can allow an attacker to execute arbitrary code...
The vulnerabilities of the GPCIDrv and GDrv drivers allow attackers to execute arbitrary code. These drivers are used by the Gigabyte Aorus Engine video card configuration program, the GIGABYTE App Center for application management, and the Extreme Gaming Engine for video card status monitoring.
The vulnerabilities of the GPCIDrv and GDrv drivers are related to implementation errors and functions in the Gigabyte Aorus Engine graphics card configuration software, the GIGABYTE App Center application management tool, and the Extreme Gaming Engine status monitoring software. Exploiting these...
Gigabyte Technology Gigabyte APP Center Code Execution Vulnerability
Gigabyte Technology Gigabyte APP Center is a suite of software from Gigabyte Technology Taiwan, China for managing all Gigabyte applications on your computer. A security vulnerability exists in the gdrv.sys file in Gigabyte Technology Gigabyte APP Center versions prior to 19.0227.1. An attacker...
CVE-2019-7630
An issue was discovered in gdrv.sys in Gigabyte APP Center before 19.0227.1. The vulnerable driver exposes a wrmsr instruction via IOCTL 0xC3502580 and does not properly filter the target Model Specific Register MSR. Allowing arbitrary MSR writes can lead to Ring-0 code execution and escalation o...
CVE-2019-7630
An issue was discovered in gdrv.sys in Gigabyte APP Center before 19.0227.1. The vulnerable driver exposes a wrmsr instruction via IOCTL 0xC3502580 and does not properly filter the target Model Specific Register MSR. Allowing arbitrary MSR writes can lead to Ring-0 code execution and escalation o...
Privilege escalation
An issue was discovered in gdrv.sys in Gigabyte APP Center before 19.0227.1. The vulnerable driver exposes a wrmsr instruction via IOCTL 0xC3502580 and does not properly filter the target Model Specific Register MSR. Allowing arbitrary MSR writes can lead to Ring-0 code execution and escalation o...
CVE-2019-7630
An issue was discovered in gdrv.sys in Gigabyte APP Center before 19.0227.1. The vulnerable driver exposes a wrmsr instruction via IOCTL 0xC3502580 and does not properly filter the target Model Specific Register MSR. Allowing arbitrary MSR writes can lead to Ring-0 code execution and escalation o...
PT-2020-11248 · Gigabyte · Gigabyte App Center
Name of the Vulnerable Software and Affected Versions: Gigabyte APP Center version 19.0227.1 and earlier Description: An issue was discovered in the gdrv.sys driver. The vulnerable driver exposes a wrmsr instruction via IOCTL 0xC3502580 and does not properly filter the target Model Specific...
Arbitrary Code Execution Vulnerability in Multiple GIGABYTE Products (CNVD-2018-26460)
GIGABYTE APP Center and others are products of GIGABYTE Technology, a Chinese company. GIGABYTE APP Center is a software program for managing and updating GIGABYTE's product utility programs. AORUS GRAPHICS ENGINE is a software program for overclocking graphics cards. A security vulnerability...
Arbitrary Code Execution Vulnerability in Multiple GIGABYTE Products (CNVD-2018-26457)
GIGABYTE APP Center and others are products of GIGABYTE Technology, a Chinese company. GIGABYTE APP Center is a software program for managing and updating GIGABYTE's product utility programs. AORUS GRAPHICS ENGINE is a software program for overclocking graphics cards. A security vulnerability...
CVE-2018-19322
The GPCIDrv and GDrv low-level drivers in GIGABYTE APP Center v1.05.21 and earlier, AORUS GRAPHICS ENGINE before 1.57, XTREME GAMING ENGINE before 1.26, and OC GURU II v2.08 expose functionality to read/write data from/to IO ports. This could be leveraged in a number of ways to ultimately run cod...
CVE-2018-19320
The GDrv low-level driver in GIGABYTE APP Center v1.05.21 and earlier, AORUS GRAPHICS ENGINE before 1.57, XTREME GAMING ENGINE before 1.26, and OC GURU II v2.08 exposes ring0 memcpy-like functionality that could allow a local attacker to take complete control of the affected system...
Information disclosure
The GDrv low-level driver in GIGABYTE APP Center v1.05.21 and earlier, AORUS GRAPHICS ENGINE before 1.57, XTREME GAMING ENGINE before 1.26, and OC GURU II v2.08 exposes ring0 memcpy-like functionality that could allow a local attacker to take complete control of the affected system...
CVE-2018-19321
The GPCIDrv and GDrv low-level drivers in GIGABYTE APP Center v1.05.21 and earlier, AORUS GRAPHICS ENGINE before 1.57, XTREME GAMING ENGINE before 1.26, and OC GURU II v2.08 expose functionality to read and write arbitrary physical memory. This could be leveraged by a local attacker to elevate...