1. Forum
  2. tqwNet
  3. TQW GENTECH

  • Gigabyte warns users Control Center flaw could let hackers hijack

    From TechnologyDaily@1337:1/100 to All on Wednesday, April 01, 2026 17:30:29
    Gigabyte warns users Control Center flaw could let hackers hijack your files

    Date:
    Wed, 01 Apr 2026 16:15:00 +0000

    Description:
    A Windows utility tool was found vulnerable to a critical flaw that enabled RCE, DoS, and other risks.

    FULL STORY ======================================================================Copy link Facebook X Whatsapp Reddit Pinterest Flipboard Threads Email Share this article 0 Join the conversation Follow us Add us as a preferred source on Google Newsletter Tech Radar Pro Are you a pro? Subscribe to our newsletter Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed! Become a Member in Seconds Unlock instant access to exclusive member features. Contact me with news and offers from other Future brands Receive email from us on behalf of our trusted partners or sponsors By submitting your information you agree to the Terms & Conditions and Privacy Policy and are aged 16 or over. You are
    now subscribed Your newsletter sign-up was successful Join the club Get full access to premium articles, exclusive features and a growing list of member rewards. Explore An account already exists for this email address, please log in. Subscribe to our newsletter GIGABYTE Control Center carried critical CVE20264415 vulnerability in its pairing feature Flaw allowed unauthenticated remote attackers to write arbitrary files, execute code, and escalate privileges Patch released in version 25.12.10.01; users urged to update immediately to secure affected systems GIGABYTE Control Center, a Windows utility which comes preloaded with certain computers, carried a critical-severity vulnerability that allowed malicious actors to access
    files, run code, and trigger denial-of-service conditions on affected
    devices.

    The bug has now been addressed and users are advised to patch up without delay. GIGABYTE is a major hardware manufacturer known for, among other things, PC motherboards. It also built and maintains GIGABYTE Control Center, a utility program for PCs powered by its motherboards. Inside, users can manage and configure different hardware components, such as fans, RGB lights, driver and firmware updates, and more. Article continues below You may like AMD CPU users beware - this security flaw could spill all your secrets BeyondTrust RCE flaw lets hackers run code without logging in New botnet reportedly targets HPE OneView, so be on your guard "Pairing" is to blame One of its features, called pairing was the root cause of this issue. Pairing is
    a feature that allows Control Center to communicate with other devices over a network.

    When the pairing feature is enabled, unauthenticated remote attackers can write arbitrary files to any location on the underlying operating system , leading to arbitrary code execution or privilege escalation, the National Vulnerability Database explained.

    Some sources claim the attack does not require user interaction or prior authentication, which would make it more dangerous than your average, run-of-the-mill bug.

    It is probably the reason why the bug, now tracked as CVE-2026-4415, was
    given a severity score of 9.2/10 (critical). It was first disclosed by
    Taiwans Computer Emergency Response Team (TWCERT/CC), who credited security researcher David Sprngli for the discovery. Are you a pro? Subscribe to our newsletter Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed! Contact me
    with news and offers from other Future brands Receive email from us on behalf of our trusted partners or sponsors By submitting your information you agree to the Terms & Conditions and Privacy Policy and are aged 16 or over.

    Versions 25.07.21.01 and earlier are apparently vulnerable, and users are advised to upgrade to version 25.12.10.01 or newer, as soon as possible. This version includes fixes for download path management, message processing, and command encryption, which plug the hole. Gigabyte is yet to publish a standalone security bullet, but users can find the latest version of the software in its standard distribution channels.

    Via BleepingComputer The best antivirus for all budgets Our top picks, based on real-world testing and comparisons

    Read our full guide to the best antivirus 1. Best overall: Bitdefender Total Security 2. Best for families: Norton 360 with LifeLock 3. Best for mobile: McAfee Mobile Security Follow TechRadar on Google News and add us as a preferred source to get our expert news, reviews, and opinion in your feeds. Make sure to click the Follow button!

    And of course you can also follow TechRadar on TikTok for news, reviews, unboxings in video form, and get regular updates from us on WhatsApp too.



    ======================================================================
    Link to news story: https://www.techradar.com/pro/security/gigabyte-warns-users-control-center-fla w-could-let-hackers-hijack-your-files


    --- Mystic BBS v1.12 A49 (Linux/64)
    * Origin: tqwNet Technology News (1337:1/100)