GIGABYTE｜Gigabyte Control Center – Arbitrary File Write_CVE-2026-4415

9.2 / 10

CRITICAL

CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N

Description

Gigabyte Control Center developed by GIGABYTE has an Arbitrary File Write vulnerability. When the pairing feature is enabled, unauthenticated remote attackers can write arbitrary files to any location on the underlying operating system, leading to arbitrary code execution or privilege escalation.

Basic Information

ID CVE-2026-4415

Source twcert

Published Mar 30, 2026 at 07:36

Modified Mar 31, 2026 at 03:55

Affected Product

Vendor GIGABYTE

Product Gigabyte Control Center

Affected Versions GIGABYTE Gigabyte Control Center 0

CWE Classification

CWE-23

References

{
    "lastseen": "",
    "description": "Gigabyte Control Center developed by GIGABYTE has an Arbitrary File Write vulnerability. When the pairing feature is enabled, unauthenticated remote attackers can write arbitrary files to any location on the underlying operating system, leading to arbitrary code execution or privilege escalation.",
    "published": "2026-03-30T07:36:16.066Z",
    "modified": "2026-03-31T03:55:38.063Z",
    "type": "cve",
    "title": "GIGABYTE\uff5cGigabyte Control Center - Arbitrary File Write",
    "source": "twcert",
    "references": "https://www.twcert.org.tw/tw/cp-132-10803-ae014-1.html\nhttps://www.twcert.org.tw/en/cp-139-10804-689cd-2.html",
    "id": "CVE-2026-4415",
    "bulletinFamily": "",
    "cwe": [
        "CWE-23"
    ],
    "cvelist": null,
    "sourceData": "GIGABYTE Gigabyte Control Center 0",
    "sourceHref": "",
    "cvss": {
        "score": 9.2,
        "severity": "CRITICAL",
        "vector": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N",
        "version": "4.0"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "Gigabyte Control Center",
    "version": "0",
    "vendor": "GIGABYTE",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}