Vulnerability Details CVE-2018-10710
The AsrDrv101.sys and AsrDrv102.sys low-level drivers in ASRock RGBLED before v1.0.35.1, A-Tuning before v3.0.210, F-Stream before v3.0.210, and RestartToUEFI before v1.0.6.2 expose functionality to read and write arbitrary physical memory. This could be leveraged by a local attacker to elevate privileges.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 5.1%
CVSS Severity
CVSS v3 Score 7.1
CVSS v2 Score 7.2
Products affected by CVE-2018-10710
-
cpe:2.3:a:asrock:a-tuning:*
-
cpe:2.3:a:asrock:f-stream:*
-
cpe:2.3:a:asrock:restart_to_uefi:*
-
cpe:2.3:a:asrock:rgbled:1.0.31.1