exploitDog

CVE-2018-18537

Опубликовано: 26 дек. 2018

Источник: nvd

CVSS3: 5.5

CVSS2: 2.1

EPSS Низкий

Описание

The GLCKIo low-level driver in ASUS Aura Sync v1.07.22 and earlier exposes a path to write an arbitrary DWORD to an arbitrary address.

Ссылки

http://packetstormsecurity.com/files/150893/ASUS-Driver-Privilege-Escalation.html
Exploit
Third Party Advisory
VDB Entry
http://seclists.org/fulldisclosure/2018/Dec/34
Exploit
Mailing List
Third Party Advisory
http://www.securityfocus.com/bid/106250
Third Party Advisory
VDB Entry
https://www.secureauth.com/labs/advisories/asus-drivers-elevation-privilege-vulnerabilities
Exploit
Third Party Advisory
http://packetstormsecurity.com/files/150893/ASUS-Driver-Privilege-Escalation.html
Exploit
Third Party Advisory
VDB Entry
http://seclists.org/fulldisclosure/2018/Dec/34
Exploit
Mailing List
Third Party Advisory
http://www.securityfocus.com/bid/106250
Third Party Advisory
VDB Entry
https://www.secureauth.com/labs/advisories/asus-drivers-elevation-privilege-vulnerabilities
Exploit
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

Одновременно

cpe:2.3:o:asus:aura_sync_firmware:1.07.22:*:*:*:*:*:*:*

cpe:2.3:h:asus:aura_sync:-:*:*:*:*:*:*:*

EPSS

Процентиль: 26%

0.00089

Низкий

5.5 Medium

CVSS3

2.1 Low

CVSS2

Дефекты

NVD-CWE-noinfo

Связанные уязвимости

GHSA-7qmc-mwv7-pcgv

CVSS3: 5.5

github

больше 3 лет назад

The GLCKIo low-level driver in ASUS Aura Sync v1.07.22 and earlier exposes a path to write an arbitrary DWORD to an arbitrary address.

EPSS

Процентиль: 26%

0.00089

Низкий

5.5 Medium

CVSS3

2.1 Low

CVSS2

Дефекты

NVD-CWE-noinfo