CVE-2026-12168

Little · GameFirst Anti-Cheat

An improper validation vulnerability exists in the `GFAC_Sys_x64` driver for GameFirst Anti-Cheat, which could lead to unauthorized system-level actions.

Executive summary

An improper validation flaw in the GameFirst Anti-Cheat driver presents a high-severity risk, potentially allowing local attackers to escalate privileges or interact with the kernel.

Vulnerability

This vulnerability is an improper validation issue within the GFAC_Sys_x64 driver. Because this is a kernel-level driver, successful exploitation typically allows an attacker to bypass security restrictions or achieve elevated privileges on the host system.

Business impact

The CVSS score of 7.8 indicates a high-severity risk, specifically regarding the potential for privilege escalation on local machines. If exploited, an attacker could gain control over the host system, bypass security software, or maintain persistence, resulting in a total compromise of the affected workstation.

Remediation

Immediate Action: Update the GameFirst Anti-Cheat software to the latest version provided by the vendor to ensure the driver is patched.

Proactive Monitoring: Use Endpoint Detection and Response (EDR) tools to monitor for suspicious driver loading or kernel-level modifications.

Compensating Controls: Restrict local administrative privileges to prevent unauthorized software installation or driver manipulation on workstations.

Exploitation status

Public Exploit Available: false

Analyst recommendation

Vulnerabilities in anti-cheat drivers are highly attractive to threat actors due to their elevated system permissions. Administrators should ensure that all systems utilizing this software are patched immediately, and consider limiting the use of software that requires kernel-level drivers in high-security environments.