#VU15549 Information disclosure in ASRock products - CVE-2018-10710

Cybersecurity Help s.r.o.

Published: 2018-10-26 | Updated: 2021-06-17

Vulnerability identifier: #VU15549

Vulnerability risk: Low

CVSSv4.0: 7.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:P/U:Clear]

CVE-ID: CVE-2018-10710

CWE-ID: CWE-200

Exploitation vector: Network

Exploit availability: Yes

Vulnerable software:
ASRock RGBLED
Hardware solutions / Drivers
ASRock RestartToUEFI
Hardware solutions / Drivers
ASRock F-Stream
Hardware solutions / Drivers
ASRock A-Tuning
Hardware solutions / Drivers

Vendor: ASRock

Description
The vulnerability allows a remote attacker to obtain potentially sensitive information on the target system.

The weakness exists due to input/output control code in the driver, which exposed functionality to read and write arbitrary physical memory. A remote attacker can gain access to arbitrary data that may be used to gain elevated privileges.

Mitigation
Update ASRock RGBLED to version 1.0.36
Update ASRock A-Tuning to version 3.0.216,
Update ASRock F-Stream to version 3.0.216,
Update ASRock RestartToUEFI to version 1.0.7.

Vulnerable software versions

ASRock RGBLED: before 1.0.36

ASRock RestartToUEFI: before 1.0.7

ASRock F-Stream: before 3.0.216

ASRock A-Tuning: before 3.0.216

External links
https://www.secureauth.com/labs/advisories/asrock-drivers-elevation-privilege-vulnerabilities

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.

Latest bulletins with this vulnerability

Red Hat update for zsh

Multiple vulnerabilities in ASRock Drivers