Vulnerability Details CVE-2018-10711
The AsrDrv101.sys and AsrDrv102.sys low-level drivers in ASRock RGBLED before v1.0.35.1, A-Tuning before v3.0.210, F-Stream before v3.0.210, and RestartToUEFI before v1.0.6.2 expose functionality to read and write Machine Specific Registers (MSRs). This could be leveraged to execute arbitrary ring-0 code.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 19.6%
CVSS Severity
CVSS v3 Score 7.8
CVSS v2 Score 7.2
Products affected by CVE-2018-10711
-
cpe:2.3:a:asrock:a-tuning:*
-
cpe:2.3:a:asrock:f-stream:*
-
cpe:2.3:a:asrock:restart_to_uefi:*
-
cpe:2.3:a:asrock:rgbled:1.0.31.1