
Insecure Deserialization Vulnerability in GIGABYTE Control Center - EasyTune Engine (Performance Library)

CVE-2026-4416
Mar 30, 2026

GIGABYTE Technology Co., Ltd. acknowledges a recently identified insecure deserialization vulnerability (CVE-2026-4416) in the EasyTune Engine Service, a component of the Performance Library within the GIGABYTE Control Center (GCC) software. We are committed to providing secure and reliable products and are actively addressing this issue to protect our customers.

 

Vulnerability Details

 CVE Identifier: CVE-2026-4416.

 CVSS Score: 7.8 (High).

 Vulnerability Type: CWE-502: Deserialization of Untrusted Data.

 CAPEC Category: CAPEC-586: Object Injection.

 

Root Cause: The issue arises from the use of insecure communication channels, specifically .NET Remoting with BinaryFormatter, without sufficient restrictions.

Attack Scenario: As reported by David Sprüngli (p0cket), an authenticated local attacker can connect to the GigabyteEngine named pipe and send a malicious serialized payload to the EasyTuneEngine service.

Potential Impact: This vulnerability allows a local malicious actor to execute arbitrary code with SYSTEM privileges, leading to Local Privilege Escalation (LPE).

 

Affected Products and Software

 Product Name: Performance Library / EasyTune Engine Service (within GCC).

 Affected Versions: Versions prior to 25.12.31.01.

 Mitigation Version: 25.12.31.01 or later.

 

Resolution and Recommended Actions

GIGABYTE has released a software update that corrects the Inter-Process Communication (IPC) mechanism and ensures robust security across affected platforms.

Update Details: EasyTune Engine version 25.12.31.01 includes the implementation of Access Control Lists (ACLs) to prevent unprivileged interaction, as well as restrictive type filters and serialization binders to effectively mitigate the vulnerability.

Recommended Action: Customers are strongly advised to upgrade to the latest GCC version immediately.

Download Instructions: Please navigate to the Support section of the relevant product page to download the updated software.
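
The two controls named under Update Details, a pipe ACL and a serialization binder, sketched in C# for .NET Framework as an added example; this is not GIGABYTE's code. TuneRequest, AllowListBinder and HardenedPipeServer are hypothetical names, and the service is assumed to run as SYSTEM.

```csharp
using System;
using System.Collections.Generic;
using System.IO;
using System.IO.Pipes;
using System.Runtime.Serialization;
using System.Runtime.Serialization.Formatters.Binary;
using System.Security.AccessControl;
using System.Security.Principal;

[Serializable] // hypothetical request type, the only one the service needs to read
public sealed class TuneRequest { public string Setting; public int Value; }

// Resolves allow-listed types only; any other type name aborts deserialization.
public sealed class AllowListBinder : SerializationBinder
{
    private static readonly Dictionary<string, Type> Allowed =
        new Dictionary<string, Type> { { typeof(TuneRequest).FullName, typeof(TuneRequest) } };

    public override Type BindToType(string assemblyName, string typeName)
    {
        Type t;
        if (Allowed.TryGetValue(typeName, out t)) return t; // assembly name from the stream is ignored
        // Returning null would fall back to default type loading, so throw instead.
        throw new SerializationException("Type not allowed: " + typeName);
    }
}

public static class HardenedPipeServer
{
    // Pipe DACL grants access to SYSTEM and Administrators only.
    public static NamedPipeServerStream Create(string pipeName)
    {
        var acl = new PipeSecurity();
        foreach (var sid in new[] { WellKnownSidType.LocalSystemSid, WellKnownSidType.BuiltinAdministratorsSid })
            acl.AddAccessRule(new PipeAccessRule(new SecurityIdentifier(sid, null),
                PipeAccessRights.FullControl, AccessControlType.Allow));
        // No rule for Users or Everyone, so unprivileged clients cannot open the pipe.
        return new NamedPipeServerStream(pipeName, PipeDirection.InOut, 1,
            PipeTransmissionMode.Byte, PipeOptions.None, 4096, 4096, acl);
    }

    // Deserializes one request with the binder attached before any type is loaded.
    public static TuneRequest ReadRequest(Stream input)
    {
        var formatter = new BinaryFormatter { Binder = new AllowListBinder() };
        return (TuneRequest)formatter.Deserialize(input);
    }
}
```

Microsoft's BinaryFormatter guidance treats a binder as a risk reduction rather than a complete fix, which is why it is paired with the pipe ACL here.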

 

Acknowledgement

We extend our gratitude to David Sprüngli (p0cket) for discovering and responsibly reporting this vulnerability. His collaboration has been invaluable in developing a swift and effective response.

 

*The release schedule may be adjusted without further notification. Please check this page or contact technical support for any future updates.

*For any further assistance regarding this issue, please contact your sales representative or create a new support ticket at https://esupport.gigabyte.com