Primary

Context

Gigabyte Control Center Performance Library Insecure Deserialization Vulnerability Allowing Privilege Escalation

Vulnerability

A vulnerability allowing insecure deserialization has been identified in the Performance Library component of Gigabyte Control Center, affecting versions prior to 25.12.31.01. This vulnerability allows authenticated local attackers to send malicious serialized payloads to the EasyTune Engine service, leading to privilege escalation.

Impact

Exploitation of this vulnerability could result in unauthorized privilege escalation.

Remediation

Users are advised to update to version 25.12.31.01 or later.

Added: Mar 30, 2026, 8:18 AM

Updated: Mar 30, 2026, 8:18 AM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

10.0

exploitability

2.7

remediation

0.0

relevance

4.9

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

10.0

exploitability

2.7

remediation

0.0

relevance

4.9

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Gigabyte Control Center Performance Library Insecure Deserialization Vulnerability Allowing Privilege Escalation

Vulnerability

Impact

Remediation

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating