CVE-2018-10709

HIGH

ASRock RGBLED <1.0.35.1, A-Tuning/F-Stream <3.0.210, RestartToUEFI <1.0.6.2 - Privilege Escalation via CR Register

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2018-10709. PoCs published by SecureAuth.

AI-analyzed exploit summary The provided code demonstrates multiple local privilege escalation vulnerabilities in ASRock drivers (AsrDrv101.sys and AsrDrv102.sys) by exposing IOCTL functionality for CR register access, arbitrary physical memory read/write, and MSR register access. These vulnerabilities allow non-privileged users to execute arbitrary ring-0 code and elevate privileges.

Description

The AsrDrv101.sys and AsrDrv102.sys low-level drivers in ASRock RGBLED before v1.0.35.1, A-Tuning before v3.0.210, F-Stream before v3.0.210, and RestartToUEFI before v1.0.6.2 expose functionality to read and write CR register values. This could be leveraged in a number of ways to ultimately run code with elevated privileges.

Exploits (1)

exploitdb WORKING POC

by SecureAuth · textdoswindows

https://www.exploit-db.com/exploits/45716

View Code ZIP pw:eip

The provided code demonstrates multiple local privilege escalation vulnerabilities in ASRock drivers (AsrDrv101.sys and AsrDrv102.sys) by exposing IOCTL functionality for CR register access, arbitrary physical memory read/write, and MSR register access. These vulnerabilities allow non-privileged users to execute arbitrary ring-0 code and elevate privileges.

Classification

Working Poc 100%

Attack Type

Lpe

Complexity

Moderate

Reliability

Reliable

Target: ASRock RGBLED before v1.0.35.1, A-Tuning before v3.0.210, F-Stream before v3.0.210, RestartToUEFI before v1.0.6.2

No auth needed

Prerequisites: Local access to the system · ASRock drivers installed

MITRE ATT&CK

T1068 - Exploitation for Privilege Escalation T1055 - Process Injection

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (2)

Core 2

Core References

Exploit, Third Party Advisory x_refsource_misc

https://www.secureauth.com/labs/advisories/asrock-drivers-elevation-privilege-vulnerabilities

Exploit, Third Party Advisory, VDB Entry exploit x_refsource_exploit-db

https://www.exploit-db.com/exploits/45716/

Scores

CVSS v3 7.8

EPSS 0.0117

EPSS Percentile 63.3%

Attack Vector LOCAL

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Details

CWE

CWE-732

Status published

Products (4)

asrock/a-tuning < 3.0.210

asrock/f-stream < 3.0.210

asrock/restart_to_uefi < 1.0.6.2

asrock/rgbled < 1.0.35.1

Published Oct 30, 2018

Tracked Since Feb 18, 2026