CVE-2018-19320
| CVE Published | 2018-12-21 |
|---|---|
| Related Vendor(s) | gigabyte |
| Related Product(s) | app_center, oc_guru_ii, xtreme_gaming_engine, aorus_graphics_engine |
| Exploitation Reported (CISA KEV) | 2022-10-24 |
| CVSS 3 Base Score | 7.8 (HIGH) |
| CVSS 3 Attack Complexity | LOW |
| CVSS 3 Attack Vector | LOCAL |
The GDrv low-level driver in GIGABYTE APP Center v1.05.21 and earlier, AORUS GRAPHICS ENGINE before 1.57, XTREME GAMING ENGINE before 1.26, and OC GURU II v2.08 exposes ring0 memcpy-like functionality that could allow a local attacker to take complete control of the affected system.
Cyber Threat Graph Context
Explore how this CVE relates to the wider threat graph