Skip to main content

Gigabyte Control Center EUVDEUVD-2026-43274

| CVE-2026-9492 HIGH
Exposed IOCTL with Insufficient Access Control (CWE-782)
2026-07-13 twcert GHSA-7q9h-5cwr-84vv
8.5
CVSS 4.0 · Vendor: twcert
Share

Severity by source

Vendor (twcert) PRIMARY
8.5 HIGH
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
vuln.today AI
7.8 HIGH

Local authenticated user (AV:L/PR:L) sends IOCTLs with no user interaction; arbitrary kernel memory read/write yields full C/I/A impact within OS scope (S:U).

3.1 AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
4.0 AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Primary rating from Vendor (twcert).

CVSS VectorVendor: twcert

CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Attack Vector
Local
Attack Complexity
Low
Privileges Required
Low
User Interaction
None
Scope
X

Lifecycle Timeline

1
Analysis Generated
Jul 13, 2026 - 04:21 vuln.today

DescriptionCVE.org

The MBStorage DRAM lighting control module within Gigabyte Control Center (GCC) developed by GIGABYTE Technology has an Improper Access Control vulnerability. Authenticated local attackers can send specific IOCTL commands through the driver MyPortIO_x64.sys bundled with the module, thereby arbitrarily reading and writing physical memory and obtaining kernel-level privileges.

AnalysisAI

Local privilege escalation in the MBStorage DRAM lighting control module of GIGABYTE's Gigabyte Control Center (GCC) lets an authenticated low-privileged local user reach kernel-level privileges by abusing the bundled MyPortIO_x64.sys driver. The driver exposes IOCTL handlers without adequate access control, permitting arbitrary read and write of physical memory. …

Unlock full vulnerability intelligence

  • Risk assessment & exploitation conditions
  • Attack chain visualization
  • Remediation with exact patch versions
  • Threat intelligence from 22 sources
  • Personal watchlist & email alerts

Free forever · No credit card required

Attack ChainAIDerived

Hypothetical attack flow derived from CVE metadata

Access
Obtain local low-privileged access
Delivery
Open MyPortIO_x64.sys device handle
Exploit
Send crafted IOCTL commands
Execution
Arbitrary physical memory read/write in kernel
Impact
Elevate to kernel/SYSTEM privileges

Vulnerability AssessmentAI

Exploitation Exploitation requires an authenticated local session on a Windows host where Gigabyte Control Center with the MBStorage DRAM lighting control module (and thus the MyPortIO_x64.sys driver) is installed and the driver is loaded. … Additional conditions and limiting factors are described in the full assessment.
Risk Assessment The CVSS 4.0 vector (AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H) describes a local, low-complexity attack requiring low privileges and no user interaction, with high impact to confidentiality, integrity, and availability of the vulnerable system - a textbook local privilege escalation profile, score 8.5 High. … Full risk analysis with EPSS, KEV, and SSVC signal comparison available after sign-in.
Exploit Scenario An attacker who has already gained a foothold as a standard (non-administrator) user on a Gigabyte workstation - for example via phishing or a compromised application - opens a handle to the MyPortIO_x64.sys device and issues crafted IOCTL commands to read and write physical memory, overwriting kernel data to elevate their token to SYSTEM. With AV:L/AC:L/PR:L/UI:N the attack is reliable and needs no user interaction; no public exploit was identified at time of analysis, but the primitive is straightforward for a skilled local attacker to weaponize.
Remediation Consult the GIGABYTE/TWCERT advisories (https://www.twcert.org.tw/en/cp-139-11034-f7f2f-2.html and https://www.twcert.org.tw/tw/cp-132-11033-97316-1.html) and update Gigabyte Control Center and its MBStorage module to the vendor-fixed release; no exact patched version number was provided in the input data, so verify the fixed build directly from the advisory rather than assuming one. … Detailed patch versions, workarounds, and compensating controls in full report.

Recommended ActionAI

Within 24 hours: Audit all systems running Gigabyte Control Center; disable or isolate GCC on critical infrastructure. …

Sign in for detailed remediation steps and compensating controls.

Threat intelligence, references, and detailed analysis are available after sign-in.

Share

EUVD-2026-43274 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy