GIGABYTE Control Center Vulnerable to Arbitrary File Write Flaw
GIGABYTE Control Center Vulnerability 🚨
The GIGABYTE Control Center is vulnerable to an arbitrary file-write flaw that could allow a remote, unauthenticated attacker to access files on vulnerable hosts. The hardware maker warns that successful exploitation could potentially lead to code execution, privilege escalation, and a denial-of-service condition.
The GIGABYTE Control Center (GCC) is an all-in-one Windows utility that comes pre-installed on all the company’s laptops and motherboards. It allows users to manage and configure their hardware, supporting features like hardware monitoring, fan control, performance tuning, RGB lighting control, driver and firmware updates, and device management.
A notable feature in the Control Center is “pairing,” which enables communication with other devices or services over the network. Systems with the ‘pairing’ option enabled on Control Center versions 25.07.21.01 and earlier are particularly exposed to attacks. When the pairing feature is enabled, unauthenticated remote attackers can write arbitrary files to any location on the underlying operating system, leading to arbitrary code execution or privilege escalation, as warned by Taiwan’s CERT.
This issue, tracked as CVE-2026-4415, was discovered by SilentGrid security researcher David Sprüngli. Based on the CVSS v4.0 scoring system, it has a critical severity rating of 9.2 out of 10.
Recommended Actions 🔧
Users are strongly advised to upgrade to the latest version of Control Center, currently 25.12.10.01, which includes fixes for download path management, message processing, and command encryption to effectively mitigate the vulnerability.
Customers are urged to upgrade to the latest GCC version immediately! To minimize the risk of receiving trojanized installers, users of GIGABYTE products should download the latest GCC version from the vendor’s official software portal.