Exploit for #VU16621 Privilege escalation in GIGABYTE Global Hardware solutions

Published: 2020-04-19 | Updated: 2023-12-27

Vulnerability identifier: #VU16621

Vulnerability risk: Low

CVSSv3.1: 8.4 [CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:H/RL:U/RC:C]

CVE-ID: CVE-2018-19320

CWE-ID: CWE-782

Exploitation vector: Local

Exploits in database: 6

December 27, 2023
- CVE-2018-19320 (GIGABYTE Driver exploit Win10 19H1 and 22H2) [Github]
July 26, 2022
- CVE-2018-19320-LPE (CVE-2018-19320 LPE Exploit) [Github]
August 19, 2021
- CVE-2018-19320-LPE (CVE-2018-19320 LPE Exploit) [Github]
May 3, 2021
- CVE-2018-19320 (Exploit for CVE-2018-19320) [Github]
January 21, 2021
- CVE-2018-19320 (Exploiting ring0 memcpy-like functionality to disable Driver Signing Enforcement (DSE)) [Github]
April 19, 2020
- CVE-2018-19320 (Exploiting ring0 memcpy-like functionality to disable Driver Signing Enforcement (DSE)) [Github]

Impact: Code execution

Vulnerable software:
GIGABYTE APP Center
Hardware solutions / Drivers
AORUS GRAPHICS ENGINE
Hardware solutions / Drivers
XTREME GAMING ENGINE
Hardware solutions / Drivers
OC GURU
Hardware solutions / Drivers

Vendor: GIGABYTE Global