CVE-2026-4415

Summary

Gigabyte Control Center developed by GIGABYTE has an Arbitrary File Write vulnerability. When the pairing feature is enabled, unauthenticated remote attackers can write arbitrary files to any location on the underlying operating system, leading to arbitrary code execution or privilege escalation.

Affected Software

VendorProductVersion RangeStatus
GIGABYTEGigabyte Control Center0 <= 25.07.21.01affected

Weaknesses

  • CWE-23: CWE-23 Relative path traversal

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References