RGB LED lights look really cool, whether they’re stuffed inside your computer or shining brightly on your keyboard. But a new investigation indicates that these lights could be a major security risk to your PC depending on which brand you use.
An independent security audit has revealed (via Bleeping Computer) the existence of seven vulnerabilities out there affecting five different software drivers. Hardware developers from two separate companies affected by these security vulnerabilities haven’t yet been forthcoming with ways to address the issues.
For ASUS, these vulnerabilities are found in the Aura Sync software (v1.07.22 and earlier), which helps control the LED lighting on various pieces of hardware such as keyboards, mice, and motherboards. Aura Sync helps install the ASUS’ GLCKIo and Asusgio drivers, which have vulnerabilities that put the PC at risk when installed.
These flaws were found by Diego Juarez, who is a exploit writer at SecureAuth, who contacted ASUS about the issues. But despite ASUS eventually addressing the issue and releasing two new updates of Aura Sync, researchers say that there are still two vulnerabilities unaddressed, and ASUS has not replied to SecureAuth about the issues since March 26.
Gigabyte drivers are also affected. The GPCIDrv and GDrv drivers that are installed can receive system calls from non-privileged user processes, possibly running code on your computer that isn’t trusted. Another bug exposes a party for non-privileged access to read and write data from input and output ports. But the biggest one, called the CVE-2018-19320, offers anyone who exploits the bug the ability to take full control of the system.
Like with ASUS, SecureAuth contacted developer Gigabyte about the issues. The company initially replied that they are a hardware company and don’t specialize in software. After requesting technical details about the issues, the team eventually said that the company’s products aren’t affected by the vulnerabilities, and has taken no action to fix them.
