Vulnerability Details CVE-2018-10712
The AsrDrv101.sys and AsrDrv102.sys low-level drivers in ASRock RGBLED before v1.0.35.1, A-Tuning before v3.0.210, F-Stream before v3.0.210, and RestartToUEFI before v1.0.6.2 expose functionality to read/write data from/to IO ports. This could be leveraged in a number of ways to ultimately run code with elevated privileges.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 19.6%
CVSS Severity
CVSS v3 Score 7.8
CVSS v2 Score 7.2
Products affected by CVE-2018-10712
-
cpe:2.3:a:asrock:a-tuning:*
-
cpe:2.3:a:asrock:f-stream:*
-
cpe:2.3:a:asrock:restart_to_uefi:*
-
cpe:2.3:a:asrock:rgbled:1.0.31.1