CVE-2026-4415

HIGH

Published:Mar 30, 2026(Today)

Modified:Mar 30, 2026

AI Explanation

The Gigabyte Control Center has a vulnerability that allows unauthenticated remote attackers to write arbitrary files to any location on the system, potentially leading to code execution or privilege escalation. This is possible when the pairing feature is enabled. Attackers can exploit this to gain control of the system.

Users with the Gigabyte Control Center installed and the pairing feature enabled are at high risk of remote code execution and privilege escalation.

Network AccessHigh ComplexityNo Auth NeededNo User Interaction

How to Fix

1Disable the pairing feature in the Gigabyte Control Center, 2. Update the Gigabyte Control Center to the latest version, 3. Implement network segmentation to limit access to the system

References

https://www.twcert.org.tw/en/cp-139-10804-689cd-2.html
https://www.twcert.org.tw/tw/cp-132-10803-ae014-1.html

CVSS Score

v3.1

8.1/ 10.0

HIGH

AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

At a Glance

Affected Products

References

CVSS v3 Vector

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

CVE-2026-4415

✦ AI Explanation

How to Fix

References

CVSS Score

At a Glance

CVSS v3 Vector

Impact Analysis

AI Explanation