CVE-2018-19320: GIGABYTE Multiple Products Unspecified Vulnerability. The
GIGABYTE Multiple Products Unspecified Vulnerability. The GDrv low-level driver in GIGABYTE App Center, AORUS Graphics Engine, XTREME Gaming Engine, and OC GURU II exposes ring0 memcpy-like functionality that could allow a local attacker to take complete control of the affected system.
- CISA KEV-listed (remediation due 2022-11-14)
- used in ransomware campaigns
- EPSS 34.4% (97.1% percentile)