cbcvebase.

Asrock A-Tuning vulnerabilities

4 known vulnerabilities affecting asrock/a-tuning.

Total CVEs
4
CISA KEV
0
Public exploits
4
Exploited in wild
0
Severity breakdown
HIGH4

Vulnerabilities

Page 1 of 1
CVE-2018-10711P3HIGHCVSS 7.8PoCfixed in 3.0.2102018-10-30
CVE-2018-10711 [HIGH] CWE-20 CVE-2018-10711: The AsrDrv101.sys and AsrDrv102.sys low-level drivers in ASRock RGBLED before v1.0.35.1, A-Tuning be The AsrDrv101.sys and AsrDrv102.sys low-level drivers in ASRock RGBLED before v1.0.35.1, A-Tuning before v3.0.210, F-Stream before v3.0.210, and RestartToUEFI before v1.0.6.2 expose functionality to read and write Machine Specific Registers (MSRs). This could be leveraged to execute arbitrary ring-0 code.
nvd
CVE-2018-10712P3HIGHCVSS 7.8PoCfixed in 3.0.2102018-10-30
CVE-2018-10712 [HIGH] CWE-732 CVE-2018-10712: The AsrDrv101.sys and AsrDrv102.sys low-level drivers in ASRock RGBLED before v1.0.35.1, A-Tuning be The AsrDrv101.sys and AsrDrv102.sys low-level drivers in ASRock RGBLED before v1.0.35.1, A-Tuning before v3.0.210, F-Stream before v3.0.210, and RestartToUEFI before v1.0.6.2 expose functionality to read/write data from/to IO ports. This could be leveraged in a number of ways to ultimately run code with elevated privileges.
nvd
CVE-2018-10709P3HIGHCVSS 7.8PoCfixed in 3.0.2102018-10-30
CVE-2018-10709 [HIGH] CWE-732 CVE-2018-10709: The AsrDrv101.sys and AsrDrv102.sys low-level drivers in ASRock RGBLED before v1.0.35.1, A-Tuning be The AsrDrv101.sys and AsrDrv102.sys low-level drivers in ASRock RGBLED before v1.0.35.1, A-Tuning before v3.0.210, F-Stream before v3.0.210, and RestartToUEFI before v1.0.6.2 expose functionality to read and write CR register values. This could be leveraged in a number of ways to ultimately run code with elevated privileges.
nvd
CVE-2018-10710P3HIGHCVSS 7.1PoCfixed in 3.0.2102018-10-30
CVE-2018-10710 [HIGH] CWE-732 CVE-2018-10710: The AsrDrv101.sys and AsrDrv102.sys low-level drivers in ASRock RGBLED before v1.0.35.1, A-Tuning be The AsrDrv101.sys and AsrDrv102.sys low-level drivers in ASRock RGBLED before v1.0.35.1, A-Tuning before v3.0.210, F-Stream before v3.0.210, and RestartToUEFI before v1.0.6.2 expose functionality to read and write arbitrary physical memory. This could be leveraged by a local attacker to elevate privileges.
nvd
Asrock A-Tuning vulnerabilities | cvebase