QwikSec

Security Database

CVE

CWE

Training

CVE-2018-10712

Published: Oct 30, 2018

Modified: Aug 5, 2024

PUBLISHED

Description

The AsrDrv101.sys and AsrDrv102.sys low-level drivers in ASRock RGBLED before v1.0.35.1, A-Tuning before v3.0.210, F-Stream before v3.0.210, and RestartToUEFI before v1.0.6.2 expose functionality to read/write data from/to IO ports. This could be leveraged in a number of ways to ultimately run code with elevated privileges.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

https://www.secureauth.com/labs/advisories/asrock-drivers-elevation-privilege-vulnerabilities

x_refsource_MISC

exploit

x_refsource_EXPLOIT-DB

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.