CVE-2026-12167

Little (GameFirst) · GameFirst Anti-Cheat

A vulnerability in the Minifilter communication port for the GameFirst Anti-Cheat driver, GFAC_Sys_x64, may expose the system to unauthorized interactions.

Executive summary

The GameFirst Anti-Cheat driver contains a vulnerability in its communication port that could potentially be leveraged to impact system security.

Vulnerability

The vulnerability relates to the Minifilter communication port used by the GFAC_Sys_x64 driver. Such vulnerabilities typically involve improper validation of input or insufficient access control, which could allow local attackers to interact with or disrupt the driver's operations.

Business impact

With a CVSS score of 7.8, this High-severity vulnerability could allow an attacker with local access to interact with a kernel-mode driver. This poses a risk of system instability, potential privilege escalation, or bypassing security controls enforced by the anti-cheat software, which could undermine the integrity of the host machine.

Remediation

Immediate Action: Update the GameFirst Anti-Cheat software to the latest version recommended by the vendor.

Proactive Monitoring: Monitor system logs for unexpected driver behavior or errors related to the GFAC_Sys_x64 component.

Compensating Controls: Ensure that local user permissions are strictly limited to prevent unauthorized software execution that could interact with kernel-mode drivers.

Exploitation status

Public Exploit Available: false

Analyst recommendation

Kernel-mode vulnerabilities are inherently dangerous due to the level of access they afford. It is critical that security teams apply the vendor's updates immediately to ensure the GameFirst Anti-Cheat driver is properly secured against potential local exploitation.