GIGABYTE Control Center arbitrary file-write flaw (CVE-2026-4415)
Vulnerability
Summary
Hide ▲
Show ▼
A CVE-2026-4415 flaw in GIGABYTE Control Center lets a remote, unauthenticated attacker write arbitrary files on vulnerable Windows hosts, creating risk of code execution, privilege escalation, and denial of service. The issue affects systems with the pairing feature enabled on versions 25.07.21.01 and earlier, and GIGABYTE has a fixed release available.
Related Happenings
Linux distributions mitigation advisories for CVE-2026-31431
Advisory/Mitigation
First: 30.04.2026 12:24
Last: 30.04.2026 12:24
Sources 1
About this happening:
Multiple **Linux distributions** released advisories for **CVE-2026-31431**, adding mitigation guidance for a **Linux kernel local privilege escalation** that can let an unprivile...
Linux distributions mitigation advisories for CVE-2026-31431
Advisory/MitigationAbout this happening: Multiple **Linux distributions** released advisories for **CVE-2026-31431**, adding mitigation guidance for a **Linux kernel local privilege escalation** that can let an unprivile...
MongoDB Server CVE-2025-14847 mitigation advisory
Advisory/Mitigation
First: 24.12.2025 16:18
Last: 24.12.2025 16:18
Sources 1
About this happening:
MongoDB issued an **immediate mitigation advisory** for **CVE-2025-14847**, warning that **MongoDB Server** deployments face a **high-severity memory-read flaw** that **unauthenti...
MongoDB Server CVE-2025-14847 mitigation advisory
Advisory/MitigationAbout this happening: MongoDB issued an **immediate mitigation advisory** for **CVE-2025-14847**, warning that **MongoDB Server** deployments face a **high-severity memory-read flaw** that **unauthenti...
Timeline
-
01.04.2026 01:28 2 articles · 1mo ago
GIGABYTE Control Center arbitrary file-write vulnerability and fixed release
Initial DisclosureGIGABYTE Control Center has an arbitrary file-write flaw, tracked as CVE-2026-4415, that affects versions 25.07.21.01 and earlier when the pairing feature is enabled. A remote, unauthenticated attacker can write files to the underlying operating system, creating risk of code execution, privilege escalation, and denial of service. GIGABYTE says Control Center 25.12.10.01 includes fixes for download path management, message processing, and command encryption, and users are advised to upgrade immediately from the vendor’s official software portal.
Show sources
- GIGABYTE Control Center vulnerable to arbitrary file write flaw — www.bleepingcomputer.com — 01.04.2026 01:28
- GIGABYTE Control Center vulnerable to arbitrary file write flaw — www.bleepingcomputer.com — 01.04.2026 01:28