Gigabyte Gigabyte

  1. Vendors
  2. Gigabyte

Don't miss out!

Thousands of developers use stack.watch to stay informed.
Get an email whenever new security vulnerabilities are reported in any Gigabyte product.

RSS Feeds for Gigabyte security vulnerabilities

Create a CVE RSS feed including security vulnerabilities found in Gigabyte products with stack.watch. Just hit watch, then grab your custom RSS feed url.

Products by Gigabyte Sorted by Most Security Vulnerabilities since 2018

Gigabyte Aorus Graphics Engine4 vulnerabilities

Gigabyte App Center4 vulnerabilities

Gigabyte Oc Guru Ii4 vulnerabilities

Gigabyte Xtreme Gaming Engine4 vulnerabilities

Gigabyte App Center1 vulnerability

Known Exploited Gigabyte Vulnerabilities

The following Gigabyte vulnerabilities have been marked by CISA as Known to be Exploited by threat actors.

Title Description Added
GIGABYTE Multiple Products Privilege Escalation Vulnerability The GPCIDrv and GDrv low-level drivers in GIGABYTE App Center, AORUS Graphics Engine, XTREME Gaming Engine, and OC GURU expose functionality to read and write arbitrary physical memory. This could be leveraged by a local attacker to elevate privileges.
CVE-2018-19323 Exploit Probability: 14.7% 		October 24, 2022
GIGABYTE Multiple Products Code Execution Vulnerability The GPCIDrv and GDrv low-level drivers in GIGABYTE App Center, AORUS Graphics Engine, XTREME Gaming Engine, and OC GURU II expose functionality to read/write data from/to IO ports. This could be leveraged in a number of ways to ultimately run code with elevated privileges.
CVE-2018-19322 Exploit Probability: 2.9% 		October 24, 2022
GIGABYTE Multiple Products Privilege Escalation Vulnerability The GPCIDrv and GDrv low-level drivers in GIGABYTE App Center, AORUS Graphics Engine, XTREME Gaming Engine, and OC GURU II expose functionality to read and write arbitrary physical memory. This could be leveraged by a local attacker to elevate privileges.
CVE-2018-19321 Exploit Probability: 40.0% 		October 24, 2022
GIGABYTE Multiple Products Unspecified Vulnerability The GDrv low-level driver in GIGABYTE App Center, AORUS Graphics Engine, XTREME Gaming Engine, and OC GURU II exposes ring0 memcpy-like functionality that could allow a local attacker to take complete control of the affected system.
CVE-2018-19320 Exploit Probability: 38.7% 		October 24, 2022

2 known exploited Gigabyte vulnerabilities are in the top 5% (95th percentile or greater) of the EPSS exploit probability rankings.

By the Year

In 2026 there have been 3 vulnerabilities in Gigabyte with an average score of 7.9 out of ten. Last year, in 2025 Gigabyte had 5 security vulnerabilities published. If vulnerabilities keep coming in at the current rate, it appears that number of security vulnerabilities in Gigabyte in 2026 could surpass last years number. However, the average CVE base score of the vulnerabilities in 2026 is greater by 0.06.




Year Vulnerabilities Average Score
2026 3 7.90
2025 5 7.84
2024 0 0.00
2023 0 0.00
2022 0 0.00
2021 0 0.00
2020 1 0.00
2019 0 0.00
2018 4 8.30

It may take a day or so for new Gigabyte vulnerabilities to show up in the stats or in the list of recent security vulnerabilities. Additionally vulnerabilities may be tagged under a different product or component name.

Recent Gigabyte Security Vulnerabilities

CVE Date Vulnerability Products
CVE-2026-4416 Mar 30, 2026
Insecure Deserialization in Gigabyte Control Center Performance Lib The Performance Library component of Gigabyte Control Center has an Insecure Deserialization vulnerability. Authenticated local attackers can send a malicious serialized payload to the EasyTune Engine service, resulting in privilege escalation.
CVE-2026-4415 Mar 30, 2026
Gigabyte Ctrl Center Arbitrary File Write CVE-2026-4415 Gigabyte Control Center developed by GIGABYTE has an Arbitrary File Write vulnerability. When the pairing feature is enabled, unauthenticated remote attackers can write arbitrary files to any location on the underlying operating system, leading to arbitrary code execution or privilege escalation.
CVE-2026-0870 Feb 09, 2026
MacroHub LPE via Improper External App Privileges MacroHub developed by GIGABYTE has a Local Privilege Escalation vulnerability. Due to the MacroHub application launching external applications with improper privileges, allowing authenticated local attackers to execute arbitrary code with SYSTEM privileges.
CVE-2025-14302 Dec 17, 2025
GIGABYTE Motherboard IOMMU Disable DMA Physical Memory Access Certain motherboard models developed by GIGABYTE has a Protection Mechanism Failure vulnerability. Because IOMMU was not properly enabled, unauthenticated physical attackers can use a DMA-capable PCIe device to read and write arbitrary physical memory before the OS kernel and its security features are loaded.
CVE-2025-7026 Jul 11, 2025
SwSmiInputValue 0xB2: SMM Escalation via RBX Overwrite A vulnerability in the Software SMI handler (SwSmiInputValue 0xB2) allows a local attacker to control the RBX register, which is used as an unchecked pointer in the CommandRcx0 function. If the contents at RBX match certain expected values (e.g., '$DB$' or '2DB$'), the function performs arbitrary writes to System Management RAM (SMRAM), leading to potential privilege escalation to System Management Mode (SMM) and persistent firmware compromise.
CVE-2025-7027 Jul 11, 2025
SMM PrivEsc via Unvalidated UEFI NVRAM in SwSmi 0xB2 A vulnerability in the Software SMI handler (SwSmiInputValue 0xB2) allows a local attacker to control both the read and write addresses used by the CommandRcx1 function. The write target is derived from an unvalidated UEFI NVRAM variable (SetupXtuBufferAddress), while the write content is read from an attacker-controlled pointer based on the RBX register. This dual-pointer dereference enables arbitrary memory writes within System Management RAM (SMRAM), leading to potential SMM privilege escalation and firmware compromise.
CVE-2025-7028 Jul 11, 2025
SMI-pointer exploit allows arbitrary SMRAM R/W in Intel firmware A vulnerability in the Software SMI handler (SwSmiInputValue 0x20) allows a local attacker to supply a crafted pointer (FuncBlock) through RBX and RCX register values. This pointer is passed unchecked into multiple flash management functions (ReadFlash, WriteFlash, EraseFlash, and GetFlashInfo) that dereference both the structure and its nested members, such as BufAddr. This enables arbitrary read/write access to System Management RAM (SMRAM), allowing an attacker to corrupt firmware memory, exfiltrate SMRAM content via flash, or install persistent implants.
CVE-2025-7029 Jul 11, 2025
SMI Handler RBX Manipulation in OpenCore Leads to SMM Priv Esc A vulnerability in the Software SMI handler (SwSmiInputValue 0xB2) allows a local attacker to control the RBX register, which is used to derive pointers (OcHeader, OcData) passed into power and thermal configuration logic. These buffers are not validated before performing multiple structured memory writes based on OcSetup NVRAM values, enabling arbitrary SMRAM corruption and potential SMM privilege escalation.
CVE-2019-7630 Mar 25, 2020
An issue was discovered in gdrv.sys in Gigabyte APP Center before 19.0227.1 An issue was discovered in gdrv.sys in Gigabyte APP Center before 19.0227.1. The vulnerable driver exposes a wrmsr instruction via IOCTL 0xC3502580 and does not properly filter the target Model Specific Register (MSR). Allowing arbitrary MSR writes can lead to Ring-0 code execution and escalation of privileges.
App Center
CVE-2018-19320 Dec 21, 2018
The GDrv low-level driver in GIGABYTE APP Center v1.05.21 and earlier, AORUS GRAPHICS ENGINE before 1.57, XTREME GAMING ENGINE before 1.26, and OC GURU II v2.08 exposes ring0 memcpy-like functionality The GDrv low-level driver in GIGABYTE APP Center v1.05.21 and earlier, AORUS GRAPHICS ENGINE before 1.57, XTREME GAMING ENGINE before 1.26, and OC GURU II v2.08 exposes ring0 memcpy-like functionality that could allow a local attacker to take complete control of the affected system.
Aorus Graphics Engine
App Center
Oc Guru Ii
And others...
CVE-2018-19321 Dec 21, 2018
The GPCIDrv and GDrv low-level drivers in GIGABYTE APP Center v1.05.21 and earlier The GPCIDrv and GDrv low-level drivers in GIGABYTE APP Center v1.05.21 and earlier, AORUS GRAPHICS ENGINE before 1.57, XTREME GAMING ENGINE before 1.26, and OC GURU II v2.08 expose functionality to read and write arbitrary physical memory. This could be leveraged by a local attacker to elevate privileges.
Aorus Graphics Engine
App Center
Oc Guru Ii
And others...
CVE-2018-19322 Dec 21, 2018
The GPCIDrv and GDrv low-level drivers in GIGABYTE APP Center v1.05.21 and earlier, AORUS GRAPHICS ENGINE before 1.57, XTREME GAMING ENGINE before 1.26, and OC GURU II v2.08 expose functionality to read/write data The GPCIDrv and GDrv low-level drivers in GIGABYTE APP Center v1.05.21 and earlier, AORUS GRAPHICS ENGINE before 1.57, XTREME GAMING ENGINE before 1.26, and OC GURU II v2.08 expose functionality to read/write data from/to IO ports. This could be leveraged in a number of ways to ultimately run code with elevated privileges.
Aorus Graphics Engine
App Center
Oc Guru Ii
And others...
CVE-2018-19323 Dec 21, 2018
The GDrv low-level driver in GIGABYTE APP Center v1.05.21 and earlier The GDrv low-level driver in GIGABYTE APP Center v1.05.21 and earlier, AORUS GRAPHICS ENGINE before 1.57, XTREME GAMING ENGINE before 1.26, and OC GURU II v2.08 exposes functionality to read and write Machine Specific Registers (MSRs).
Aorus Graphics Engine
Gigabyte App Center
Oc Guru Ii
And others...
Built by Foundeo Inc., with data from the National Vulnerability Database (NVD). Privacy Policy. Use of this site is governed by the Legal Terms
Disclaimer
CONTENT ON THIS WEBSITE IS PROVIDED ON AN "AS IS" BASIS AND DOES NOT IMPLY ANY KIND OF GUARANTEE OR WARRANTY, INCLUDING THE WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR USE. YOUR USE OF THE INFORMATION ON THE DOCUMENT OR MATERIALS LINKED FROM THE DOCUMENT IS AT YOUR OWN RISK. Always check with your vendor for the most up to date, and accurate information.