exploitDog

GHSA-6hqw-7984-94r6

Опубликовано: 22 июл. 2022

Источник: github

Github: Не прошло ревью

CVSS3: 7.8

Описание

There is an unquoted service path in ASUSTeK Aura Ready Game SDK service (GameSDK.exe) 1.0.0.4. This might allow a local user to escalate privileges by creating a %PROGRAMFILES(X86)%\ASUS\GameSDK.exe file.

There is an unquoted service path in ASUSTeK Aura Ready Game SDK service (GameSDK.exe) 1.0.0.4. This might allow a local user to escalate privileges by creating a %PROGRAMFILES(X86)%\ASUS\GameSDK.exe file.

Ссылки

EPSS

Процентиль: 42%

0.00194

Низкий

7.8 High

CVSS3

CVE ID

Дефекты

CWE-428

Связанные уязвимости

CVE-2022-35899

CVSS3: 7.8

nvd

больше 3 лет назад

There is an unquoted service path in ASUSTeK Aura Ready Game SDK service (GameSDK.exe) 1.0.0.4. This might allow a local user to escalate privileges by creating a %PROGRAMFILES(X86)%\ASUS\GameSDK.exe file.

EPSS

Процентиль: 42%

0.00194

Низкий

7.8 High

CVSS3

CVE ID

Дефекты

CWE-428