A vulnerability has been found in ASRock RGBLED, A-Tuning, F-Stream and RestartToUEFI (the affected version is unknown) and classified as critical. This vulnerability affects an unknown code in the library AsrDrv101.sys/AsrDrv102.sys of the component Driver. The manipulation with an unknown input leads to a access control vulnerability. The CWE definition for the vulnerability is CWE-264. As an impact it is known to affect confidentiality, integrity, and availability. CVE summarizes:

The AsrDrv101.sys and AsrDrv102.sys low-level drivers in ASRock RGBLED before v1.0.35.1, A-Tuning before v3.0.210, F-Stream before v3.0.210, and RestartToUEFI before v1.0.6.2 expose functionality to read and write arbitrary physical memory. This could be leveraged by a local attacker to elevate privileges.

The bug was discovered 10/25/2018. The weakness was published 10/29/2018 (Website). The advisory is available at exploit-db.com. This vulnerability was named CVE-2018-10710 since 05/03/2018. Local access is required to approach this attack. A single authentication is needed for exploitation. Technical details and also a public exploit are known. This vulnerability is assigned to T1068 by the MITRE ATT&CK project.

It is possible to download the exploit at exploit-db.com. It is declared as proof-of-concept. The vulnerability was handled as a non-public zero-day exploit for at least 5 days. During that time the estimated underground price was around $0-$5k.

Upgrading eliminates this vulnerability.

The vulnerability is also documented in the vulnerability database at Exploit-DB (45716).

Productinfo

Vendor

• ASRock

Name

• A-Tuning
• F-Stream
• RestartToUEFI
• RGBLED

CPE 2.3info

• 🔍
• 🔍
• 🔍

CPE 2.2info

• 🔍
• 🔍
• 🔍

CVSSv4info

CVSSv3info

CVSSv2info

Exploitinginfo

Threat Intelligenceinfo

Countermeasuresinfo

Timelineinfo

Sourcesinfo

Entryinfo

Discussion