Mbstorage
Monthly
Local privilege escalation in the MBStorage DRAM lighting control module of GIGABYTE's Gigabyte Control Center (GCC) lets an authenticated low-privileged local user reach kernel-level privileges by abusing the bundled MyPortIO_x64.sys driver. The driver exposes IOCTL handlers without adequate access control, permitting arbitrary read and write of physical memory. No public exploit identified at time of analysis; the issue was reported by Taiwan's TWCERT and carries a CVSS 4.0 base score of 8.5 (High).
Local privilege escalation in the MBStorage DRAM lighting control module of GIGABYTE's Gigabyte Control Center (GCC) lets an authenticated low-privileged local user reach kernel-level privileges by abusing the bundled MyPortIO_x64.sys driver. The driver exposes IOCTL handlers without adequate access control, permitting arbitrary read and write of physical memory. No public exploit identified at time of analysis; the issue was reported by Taiwan's TWCERT and carries a CVSS 4.0 base score of 8.5 (High).