A security company called SecureAuth shares word that that two drivers from Asus and also two from Gigabyte contain vulnerabilities. The drivers come bundled with tools that companies provide for motherboards and video cards.
In total, there are seven vulnerabilities affecting five software products, and researchers wrote exploit code for each of them. Many of them might still be unaddressed. Two of the vulnerable drivers are installed by the Aura Sync software (v1.07.22 and earlier) from ASUS and the flaws they carry can be exploited for local code execution reports Dutch-based tweakers.net via bleeping computer:
The vulnerabilities lead to privilege escalation via software like the GIGABYTE App Center (v1.05.21 and below), AORUS Graphics Engine (v1.33 and below), the XTREME Engine utility (v1.25 and earlier), and OC Guru II (v2.08). The vulnerabilities are tagged under CVE-2018-18535, CVE-2018-18536 and CVE-2018-1853. The first and last allow the execution of code with elevated rights, the second can lead to the reading and writing of data via the I/O ports. ASUS has been informed in November last year. In April, Asus released a new version of Aura Sync, but it only fixed two of the three problems, according to SecureAuth.
The vulnerabilities in Gigabyte 's gpcidrv and gdrv drivers are CVE-2018-19320, CVE-2018-19321, CVE-2018-19322 and CVE-2018-19323. This driver supplies the company with the Gigabyte App Center, Aorus Graphic Engine, Xtreme Gaming Engine and OC Guru II. The vulnerabilities make it possible, among other things, to take over a system. There is a proof-of-concept that performs read and write actions on virtual memory and causes a system crash. On April 24th Gigabyte was notified, but the company had released a new version of the software on July 16th that was no longer affected.
Asus Aura Sync and Gigabyte Xtreme Software contain vulnerabilities