← Back

CVE-2018-19321

nvd nist
Published: Dec 21, 2018Modified: Nov 7, 2025CISA KEV

JSON object

Loading...
7.8
Vector
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Exploitability: 1.8 / Impact: 5.9
Source: NVD

Description

The GPCIDrv and GDrv low-level drivers in GIGABYTE APP Center v1.05.21 and earlier, AORUS GRAPHICS ENGINE before 1.57, XTREME GAMING ENGINE before 1.26, and OC GURU II v2.08 expose functionality to read and write arbitrary physical memory. This could be leveraged by a local attacker to elevate privileges.

Affected (4)

Gigabyte
4 products
Aorus Graphics Engine
App Center
Oc Guru Ii
Xtreme Gaming Engine
Configuration A
4 vulnerable
Vulnerable SoftwareAffected Versions
Aorus Graphics Engine
Before 1.57
App Center
Before 19.0422.1
Oc Guru Ii
Version 2.08
Xtreme Gaming Engine
Before 1.26

References (9)

Source: cve@mitre.org
ExploitMailing ListThird Party Advisory
Source: cve@mitre.org
Broken LinkThird Party AdvisoryVDB Entry
Source: cve@mitre.org
Vendor Advisory
Source: cve@mitre.org
Broken LinkExploitThird Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
ExploitMailing ListThird Party Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Broken LinkThird Party AdvisoryVDB Entry
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Broken LinkExploitThird Party Advisory
Source: 134c704f-9b21-4f2e-91b3-4a467353bcc0
US Government Resource

Timeline

No history available yet.