{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2026-4416", "assignerOrgId": "cded6c7f-6ce5-4948-8f87-aa7a3bbb6b0e", "state": "PUBLISHED", "assignerShortName": "twcert", "dateReserved": "2026-03-19T02:53:09.032Z", "datePublished": "2026-03-30T07:52:21.641Z", "dateUpdated": "2026-03-30T15:08:37.998Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "cded6c7f-6ce5-4948-8f87-aa7a3bbb6b0e", "shortName": "twcert", "dateUpdated": "2026-03-30T07:52:21.641Z"}, "title": "GIGABYTE\uff5cPerformance Library - Insecure Deserialization", "datePublic": "2026-03-30T07:47:00.000Z", "problemTypes": [{"descriptions": [{"lang": "en", "cweId": "CWE-502", "description": "CWE-502 Deserialization of untrusted data", "type": "CWE"}]}], "impacts": [{"capecId": "CAPEC-586", "descriptions": [{"lang": "en", "value": "CAPEC-586 Object Injection"}]}], "affected": [{"vendor": "GIGABYTE", "product": "Performance Library", "versions": [{"status": "affected", "version": "0", "lessThan": "25.12.31.01", "versionType": "custom"}], "defaultStatus": "unaffected"}], "descriptions": [{"lang": "en", "value": "The Performance Library component of Gigabyte Control Center has an Insecure Deserialization vulnerability. Authenticated local attackers can send a malicious serialized payload to the EasyTune Engine service, resulting in privilege escalation.", "supportingMedia": [{"type": "text/html", "base64": false, "value": "The Performance Library component of Gigabyte Control Center has an Insecure Deserialization vulnerability. Authenticated local attackers can send a malicious serialized payload to the EasyTune Engine service, resulting in privilege escalation."}]}], "references": [{"url": "https://www.twcert.org.tw/tw/cp-132-10805-a53f6-1.html", "tags": ["third-party-advisory"]}, {"url": "https://www.twcert.org.tw/en/cp-139-10806-fbc4a-2.html", "tags": ["third-party-advisory"]}], "metrics": [{"format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}], "cvssV4_0": {"attackVector": "LOCAL", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "LOW", "userInteraction": "NONE", "vulnConfidentialityImpact": "HIGH", "subConfidentialityImpact": "NONE", "vulnIntegrityImpact": "HIGH", "subIntegrityImpact": "NONE", "vulnAvailabilityImpact": "HIGH", "subAvailabilityImpact": "NONE", "exploitMaturity": "NOT_DEFINED", "Safety": "NOT_DEFINED", "Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "valueDensity": "NOT_DEFINED", "vulnerabilityResponseEffort": "NOT_DEFINED", "providerUrgency": "NOT_DEFINED", "version": "4.0", "baseSeverity": "HIGH", "baseScore": 8.5, "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N"}}, {"format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}], "cvssV3_1": {"version": "3.1", "attackVector": "LOCAL", "attackComplexity": "LOW", "privilegesRequired": "LOW", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "availabilityImpact": "HIGH", "baseSeverity": "HIGH", "baseScore": 7.8, "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"}}], "solutions": [{"lang": "en", "value": "Please update to version 25.12.31.01 or later.", "supportingMedia": [{"type": "text/html", "base64": false, "value": " Please update to version 25.12.31.01 or later."}]}], "source": {"advisory": "TVN-202603009", "discovery": "EXTERNAL"}, "x_generator": {"engine": "Vulnogram 1.0.1"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2026-03-30T15:07:19.795398Z", "id": "CVE-2026-4416", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-30T15:08:37.998Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2026-4416", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2026-03-30T15:07:19.795398Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-30T15:08:28.901Z"}}], "cna": {"title": "GIGABYTE\uff5cPerformance Library - Insecure Deserialization", "source": {"advisory": "TVN-202603009", "discovery": "EXTERNAL"}, "impacts": [{"capecId": "CAPEC-586", "descriptions": [{"lang": "en", "value": "CAPEC-586 Object Injection"}]}], "metrics": [{"format": "CVSS", "cvssV4_0": {"Safety": "NOT_DEFINED", "version": "4.0", "Recovery": "NOT_DEFINED", "baseScore": 8.5, "Automatable": "NOT_DEFINED", "attackVector": "LOCAL", "baseSeverity": "HIGH", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N", "exploitMaturity": "NOT_DEFINED", "providerUrgency": "NOT_DEFINED", "userInteraction": "NONE", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "LOW", "subIntegrityImpact": "NONE", "vulnIntegrityImpact": "HIGH", "subAvailabilityImpact": "NONE", "vulnAvailabilityImpact": "HIGH", "subConfidentialityImpact": "NONE", "vulnConfidentialityImpact": "HIGH", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}, {"format": "CVSS", "cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.8, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "LOW", "confidentialityImpact": "HIGH"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "GIGABYTE", "product": "Performance Library", "versions": [{"status": "affected", "version": "0", "lessThan": "25.12.31.01", "versionType": "custom"}], "defaultStatus": "unaffected"}], "solutions": [{"lang": "en", "value": "Please update to version 25.12.31.01 or later.", "supportingMedia": [{"type": "text/html", "value": " Please update to version 25.12.31.01 or later.", "base64": false}]}], "datePublic": "2026-03-30T07:47:00.000Z", "references": [{"url": "https://www.twcert.org.tw/tw/cp-132-10805-a53f6-1.html", "tags": ["third-party-advisory"]}, {"url": "https://www.twcert.org.tw/en/cp-139-10806-fbc4a-2.html", "tags": ["third-party-advisory"]}], "x_generator": {"engine": "Vulnogram 1.0.1"}, "descriptions": [{"lang": "en", "value": "The Performance Library component of Gigabyte Control Center has an Insecure Deserialization vulnerability. Authenticated local attackers can send a malicious serialized payload to the EasyTune Engine service, resulting in privilege escalation.", "supportingMedia": [{"type": "text/html", "value": "The Performance Library component of Gigabyte Control Center has an Insecure Deserialization vulnerability. Authenticated local attackers can send a malicious serialized payload to the EasyTune Engine service, resulting in privilege escalation.", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-502", "description": "CWE-502 Deserialization of untrusted data"}]}], "providerMetadata": {"orgId": "cded6c7f-6ce5-4948-8f87-aa7a3bbb6b0e", "shortName": "twcert", "dateUpdated": "2026-03-30T07:52:21.641Z"}}}, "cveMetadata": {"cveId": "CVE-2026-4416", "state": "PUBLISHED", "dateUpdated": "2026-03-30T15:08:37.998Z", "dateReserved": "2026-03-19T02:53:09.032Z", "assignerOrgId": "cded6c7f-6ce5-4948-8f87-aa7a3bbb6b0e", "datePublished": "2026-03-30T07:52:21.641Z", "assignerShortName": "twcert"}, "dataVersion": "5.2"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:gigabyte:performance_library:*:*:*:*:*:*:*:*", "matchCriteriaId": "90A2231A-3F0C-42F6-B9F9-8B62715C77B3", "versionEndExcluding": "25.12.31.01", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "The Performance Library component of Gigabyte Control Center has an Insecure Deserialization vulnerability. Authenticated local attackers can send a malicious serialized payload to the EasyTune Engine service, resulting in privilege escalation."}, {"lang": "es", "value": "El componente Performance Library de Gigabyte Control Center tiene una vulnerabilidad de deserializaci\u00f3n insegura. Atacantes locales autenticados pueden enviar una carga \u00fatil serializada maliciosa al servicio EasyTune Engine, lo que resulta en escalada de privilegios."}], "id": "CVE-2026-4416", "lastModified": "2026-04-08T19:23:47.020", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.8, "impactScore": 5.9, "source": "twcert@cert.org.tw", "type": "Primary"}], "cvssMetricV40": [{"cvssData": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "LOCAL", "availabilityRequirement": "NOT_DEFINED", "baseScore": 8.5, "baseSeverity": "HIGH", "confidentialityRequirement": "NOT_DEFINED", "exploitMaturity": "NOT_DEFINED", "integrityRequirement": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "privilegesRequired": "LOW", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "version": "4.0", "vulnAvailabilityImpact": "HIGH", "vulnConfidentialityImpact": "HIGH", "vulnIntegrityImpact": "HIGH", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "source": "twcert@cert.org.tw", "type": "Secondary"}]}, "published": "2026-03-30T08:16:18.360", "references": [{"source": "twcert@cert.org.tw", "tags": ["Third Party Advisory"], "url": "https://www.twcert.org.tw/en/cp-139-10806-fbc4a-2.html"}, {"source": "twcert@cert.org.tw", "tags": ["Third Party Advisory"], "url": "https://www.twcert.org.tw/tw/cp-132-10805-a53f6-1.html"}], "sourceIdentifier": "twcert@cert.org.tw", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-502"}], "source": "twcert@cert.org.tw", "type": "Primary"}]}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "generic", "value": "[0,25.12.31.01)"}}], "enrichment": {"confidence": 100.0, "confidence_source": "cna", "scores": [{"score": 100.0, "source": "cna"}]}, "original": {"product": "Performance Library", "source": "cna", "vendor": "GIGABYTE"}, "product": "performance_library", "vendor": "gigabyte"}], "analysis": {"en": {"generated_at": "2026-04-08T20:41:42.295493+00:00", "value": {"mitigation_remediation": ["Verify the installed version of Gigabyte Control Center and the Performance Library component.", "Download and install update version\u00a025.12.31.01 or later from Gigabyte\u2019s official resources.", "Restart the system or reload the EasyTune Engine service to ensure the update takes effect."], "summary": {"action": "Immediate Patch", "impact": "Privilege Escalation"}, "threat_synthesis": {"affected_systems": "All installations of Gigabyte Control Center that include the Performance Library and run a version earlier than 25.12.31.01 are affected. Any system where the EasyTune Engine service is active is vulnerable. These installations typically reside on Windows machines used in environments with Gigabyte hardware or software bundles.", "description_and_impact": "The Gigabyte Performance Library component of the Control Center performs deserialization of untrusted data in an insecure manner. An attacker with local access can craft a malicious serialized payload and send it to the EasyTune Engine service; when processed, the payload can trigger arbitrary code execution, effectively elevating the attacker\u2019s privileges on the affected system.", "risk_and_exploitability": "The vulnerability carries a CVSS score of 8.5, indicating high severity, while the EPSS score is less than 1%, implying a low probability of current exploitation. It is not listed in the CISA KEV catalog. Attackers must be authenticated locally to send the malicious payload, so the attack vector is local. Successful exploitation would enable the attacker to gain elevated privileges, potentially compromising the entire system."}}}}, "created": "2026-03-30T20:56:00.887605+00:00", "updated": "2026-04-09T08:29:28.701781+00:00", "vendors": ["gigabyte", "gigabyte$PRODUCT$performance_library"]}