Severity by source
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Local authenticated user (AV:L/PR:L) sends IOCTLs with no user interaction; arbitrary kernel memory read/write yields full C/I/A impact within OS scope (S:U).
Primary rating from Vendor (twcert).
CVSS VectorVendor: twcert
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Lifecycle Timeline
1DescriptionCVE.org
The MBStorage DRAM lighting control module within Gigabyte Control Center (GCC) developed by GIGABYTE Technology has an Improper Access Control vulnerability. Authenticated local attackers can send specific IOCTL commands through the driver MyPortIO_x64.sys bundled with the module, thereby arbitrarily reading and writing physical memory and obtaining kernel-level privileges.
AnalysisAI
Local privilege escalation in the MBStorage DRAM lighting control module of GIGABYTE's Gigabyte Control Center (GCC) lets an authenticated low-privileged local user reach kernel-level privileges by abusing the bundled MyPortIO_x64.sys driver. The driver exposes IOCTL handlers without adequate access control, permitting arbitrary read and write of physical memory. …
Unlock full vulnerability intelligence
- Risk assessment & exploitation conditions
- Attack chain visualization
- Remediation with exact patch versions
- Threat intelligence from 22 sources
- Personal watchlist & email alerts
Free forever · No credit card required
Attack ChainAIDerived
Hypothetical attack flow derived from CVE metadata
Vulnerability AssessmentAI
| Exploitation | Exploitation requires an authenticated local session on a Windows host where Gigabyte Control Center with the MBStorage DRAM lighting control module (and thus the MyPortIO_x64.sys driver) is installed and the driver is loaded. … Additional conditions and limiting factors are described in the full assessment. |
| Risk Assessment | The CVSS 4.0 vector (AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H) describes a local, low-complexity attack requiring low privileges and no user interaction, with high impact to confidentiality, integrity, and availability of the vulnerable system - a textbook local privilege escalation profile, score 8.5 High. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in. |
| Exploit Scenario | An attacker who has already gained a foothold as a standard (non-administrator) user on a Gigabyte workstation - for example via phishing or a compromised application - opens a handle to the MyPortIO_x64.sys device and issues crafted IOCTL commands to read and write physical memory, overwriting kernel data to elevate their token to SYSTEM. With AV:L/AC:L/PR:L/UI:N the attack is reliable and needs no user interaction; no public exploit was identified at time of analysis, but the primitive is straightforward for a skilled local attacker to weaponize. |
| Remediation | Consult the GIGABYTE/TWCERT advisories (https://www.twcert.org.tw/en/cp-139-11034-f7f2f-2.html and https://www.twcert.org.tw/tw/cp-132-11033-97316-1.html) and update Gigabyte Control Center and its MBStorage module to the vendor-fixed release; no exact patched version number was provided in the input data, so verify the fixed build directly from the advisory rather than assuming one. … Detailed patch versions, workarounds, and compensating controls in full report. |
Recommended ActionAI
Within 24 hours: Audit all systems running Gigabyte Control Center; disable or isolate GCC on critical infrastructure. …
Sign in for detailed remediation steps and compensating controls.
Threat intelligence, references, and detailed analysis are available after sign-in.
Same technique Information Disclosure
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-43274
GHSA-7q9h-5cwr-84vv