Unrated severityCISA KEVNVD Advisory· Published Dec 21, 2018· Updated Oct 21, 2025

CVE-2018-19321

Description

The GPCIDrv and GDrv low-level drivers in GIGABYTE APP Center v1.05.21 and earlier, AORUS GRAPHICS ENGINE before 1.57, XTREME GAMING ENGINE before 1.26, and OC GURU II v2.08 expose functionality to read and write arbitrary physical memory. This could be leveraged by a local attacker to elevate privileges.

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

seclists.org/fulldisclosure/2018/Dec/39mitremailing-listx_refsource_FULLDISC
www.securityfocus.com/bid/106252mitrevdb-entryx_refsource_BID
www.gigabyte.com/Support/Security/1801mitrex_refsource_CONFIRM
www.secureauth.com/labs/advisories/gigabyte-drivers-elevation-privilege-vulnerabilitiesmitrex_refsource_MISC

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.030
exploit	0.000
kev	0.120
patch	0.000
ransomware	0.060