CVE-2018-10709
30.10.2018, 18:29
The AsrDrv101.sys and AsrDrv102.sys low-level drivers in ASRock RGBLED before v1.0.35.1, A-Tuning before v3.0.210, F-Stream before v3.0.210, and RestartToUEFI before v1.0.6.2 expose functionality to read and write CR register values. This could be leveraged in a number of ways to ultimately run code with elevated privileges.Enginsight
| Vendor | Product | Version |
|---|---|---|
| asrock | a-tuning | 𝑥 < 3.0.210 |
| asrock | f-stream | 𝑥 < 3.0.210 |
| asrock | restart_to_uefi | 𝑥 < 1.0.6.2 |
| asrock | rgbled | 𝑥 < 1.0.35.1 |
𝑥
= Vulnerable software versions
Common Weakness Enumeration