PULSE
LIVE22signals / 24h
FEED
ransominterlock reclama a Centre for Newcomers · CA · Public Sectorransominterlock reclama a Paragon Store Fixtures · US · Manufacturingransomakira reclama a Westcoast Communication Services · Telecommunicationransomakira reclama a Nesco Bus Maintenance · Transportation/Logisticsransomm3rx reclama a suppcentersa.com · ZA · Business Servicesransomm3rx reclama a arambol.co.uk · GB · Not Foundransomincransom reclama a Kyokuto Kaihatsu Kogyo · JP · Manufacturingransomnova reclama a Phi · Not Foundransomnova reclama a Digipro · Technologyransomnova reclama a Integrated Marketing Services · Business Servicesransomkrybit reclama a eitzchaim.com · IL · Not Foundransomkrybit reclama a formasuniversales.com · MX · Business Servicesransomkrybit reclama a rehabmalaysia.com · MY · Healthcareransomkrybit reclama a www.lagus.cz · CZ · Business Servicesransominterlock reclama a Centre for Newcomers · CA · Public Sectorransominterlock reclama a Paragon Store Fixtures · US · Manufacturingransomakira reclama a Westcoast Communication Services · Telecommunicationransomakira reclama a Nesco Bus Maintenance · Transportation/Logisticsransomm3rx reclama a suppcentersa.com · ZA · Business Servicesransomm3rx reclama a arambol.co.uk · GB · Not Foundransomincransom reclama a Kyokuto Kaihatsu Kogyo · JP · Manufacturingransomnova reclama a Phi · Not Foundransomnova reclama a Digipro · Technologyransomnova reclama a Integrated Marketing Services · Business Servicesransomkrybit reclama a eitzchaim.com · IL · Not Foundransomkrybit reclama a formasuniversales.com · MX · Business Servicesransomkrybit reclama a rehabmalaysia.com · MY · Healthcareransomkrybit reclama a www.lagus.cz · CZ · Business Services
← All CVEs
CVE Watch

CVE-2018-19323

GIGABYTE Multiple Products Privilege Escalation Vulnerability

CVSS

No CVSS

EPSS

8.5%

p94

KEV

YES

Oct 24, 2022

Exploit Today

78

0-100

Published: · Last modified:

EPSS · 30d
8.5%EPSS · 30 days8.5%
2026-06-302026-07-16
KEV catalog record

Product

GIGABYTE / Multiple Products

Vulnerability

GIGABYTE Multiple Products Privilege Escalation Vulnerability

Added to KEV

Oct 24, 2022

Remediate by

Nov 14, 2022

Known ransomware use

Yes

Summary description

The GPCIDrv and GDrv low-level drivers in GIGABYTE App Center, AORUS Graphics Engine, XTREME Gaming Engine, and OC GURU expose functionality to read and write arbitrary physical memory. This could be leveraged by a local attacker to elevate privileges.

Required action

Apply updates per vendor instructions.

Notes

https://www.gigabyte.com/Support/Security/1801; https://nvd.nist.gov/vuln/detail/CVE-2018-19323

Related CVEs
CVECVSSEPSSKEVRExploitTitleMod.
CVE-2018-19321
88.4%
KEV77GIGABYTE Multiple Products Privilege Escalation Vulnerability
CVE-2018-19320
88.1%
KEV76GIGABYTE Multiple Products Unspecified Vulnerability
CVE-2018-19322
77.0%
KEV73GIGABYTE Multiple Products Code Execution Vulnerability