GIGABYTE XTREME GAMING ENGINE < 1.26 Multiple Vulnerabilities

The version of GIGABYTE XTREME GAMING ENGINE installed on the remote host is prior to 1.26. It is, therefore, affected by multiple vulnerabilities as referenced in GIGABYTE security advisory 1801: - The GDrv low-level driver in GIGABYTE APP Center v1.05.21 and earlier, AORUS GRAPHICS ENGINE befor...

GIGABYTE OC GURU II 2.08 Multiple Vulnerabilities

The version of GIGABYTE OC GURU II installed on the remote host is 2.08. It is, therefore, affected by multiple vulnerabilities as referenced in GIGABYTE security advisory 1801: - The GDrv low-level driver in GIGABYTE APP Center v1.05.21 and earlier, AORUS GRAPHICS ENGINE before 1.57, XTREME GAMI...

GIGABYTE Multiple Products Code Execution Vulnerability

The GPCIDrv and GDrv low-level drivers in GIGABYTE App Center, AORUS Graphics Engine, XTREME Gaming Engine, and OC GURU II expose functionality to read/write data from/to IO ports. This could be leveraged in a number of ways to ultimately run code with elevated privileges...

GIGABYTE Multiple Products Privilege Escalation Vulnerability

The GPCIDrv and GDrv low-level drivers in GIGABYTE App Center, AORUS Graphics Engine, XTREME Gaming Engine, and OC GURU II expose functionality to read and write arbitrary physical memory. This could be leveraged by a local attacker to elevate privileges...

PT-2020-11248 · Gigabyte · Gigabyte App Center

Name of the Vulnerable Software and Affected Versions: Gigabyte APP Center version 19.0227.1 and earlier Description: An issue was discovered in the gdrv.sys driver. The vulnerable driver exposes a wrmsr instruction via IOCTL 0xC3502580 and does not properly filter the target Model Specific...

Code injection

The GDrv low-level driver in GIGABYTE APP Center v1.05.21 and earlier, AORUS GRAPHICS ENGINE before 1.57, XTREME GAMING ENGINE before 1.26, and OC GURU II v2.08 exposes functionality to read and write Machine Specific Registers MSRs...

CVE-2018-19321

The GPCIDrv and GDrv low-level drivers in GIGABYTE APP Center v1.05.21 and earlier, AORUS GRAPHICS ENGINE before 1.57, XTREME GAMING ENGINE before 1.26, and OC GURU II v2.08 expose functionality to read and write arbitrary physical memory. This could be leveraged by a local attacker to elevate...

CVE-2018-19320

The GDrv low-level driver in GIGABYTE APP Center v1.05.21 and earlier, AORUS GRAPHICS ENGINE before 1.57, XTREME GAMING ENGINE before 1.26, and OC GURU II v2.08 exposes ring0 memcpy-like functionality that could allow a local attacker to take complete control of the affected system...

Information disclosure

The GDrv low-level driver in GIGABYTE APP Center v1.05.21 and earlier, AORUS GRAPHICS ENGINE before 1.57, XTREME GAMING ENGINE before 1.26, and OC GURU II v2.08 exposes ring0 memcpy-like functionality that could allow a local attacker to take complete control of the affected system...

CVE-2018-19322

The CVE-2018-19322 issue affects GIGABYTE APP Center and related components (GDrv; GPCIDrv; AORUS GRAPHICS ENGINE; XTREME GAMING ENGINE; OC GURU II) with IO port read/write access exposed by these low‑level drivers. The documented impact is local privilege elevation via arbitrary IO port operatio...

CVE-2018-19320

CVE-2018-19320 concerns the GDrv low-level driver used by GIGABYTE APP Center and related tools (AORUS GRAPHICS ENGINE before 1.57, XTREME GAMING ENGINE before 1.26, OC GURU II v2.08). The vulnerability exposes ring0 memcpy-like functionality that could let a local attacker gain full control of t...

PT-2018-3843 · Gigabyte · Oc Guru Ii +4

Name of the Vulnerable Software and Affected Versions: GIGABYTE APP Center versions 1.05.21 and earlier AORUS GRAPHICS ENGINE versions prior to 1.57 XTREME GAMING ENGINE versions prior to 1.26 OC GURU II version 2.08 Description: The issue is related to insufficient access control in the GDrv...

CVE-2018-19323

The GDrv low-level driver in GIGABYTE APP Center v1.05.21 and earlier, AORUS GRAPHICS ENGINE before 1.57, XTREME GAMING ENGINE before 1.26, and OC GURU II v2.08 exposes functionality to read and write Machine Specific Registers MSRs. Recent assessments: Assessed Attacker Value: 0 Assessed Attacke...