Filtered by vendor Asus
Subscriptions
Filtered by product Aura Sync
Subscriptions
Total
5 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2022-44898 | 1 Asus | 1 Aura Sync | 2024-11-21 | 7.8 High |
| The MsIo64.sys component in Asus Aura Sync through v1.07.79 does not properly validate input to IOCTL 0x80102040, 0x80102044, 0x80102050, and 0x80102054, allowing attackers to trigger a memory corruption and cause a Denial of Service (DoS) or escalate privileges via crafted IOCTL requests. | ||||
| CVE-2019-17603 | 1 Asus | 1 Aura Sync | 2024-11-21 | 7.8 High |
| Ene.sys in Asus Aura Sync through 1.07.71 does not properly validate input to IOCTL 0x80102044, 0x80102050, and 0x80102054, which allows local users to cause a denial of service (system crash) or gain privileges via IOCTL requests using crafted kernel addresses that trigger memory corruption. | ||||
| CVE-2018-18537 | 1 Asus | 2 Aura Sync, Aura Sync Firmware | 2024-11-21 | N/A |
| The GLCKIo low-level driver in ASUS Aura Sync v1.07.22 and earlier exposes a path to write an arbitrary DWORD to an arbitrary address. | ||||
| CVE-2018-18536 | 1 Asus | 2 Aura Sync, Aura Sync Firmware | 2024-11-21 | N/A |
| The GLCKIo and Asusgio low-level drivers in ASUS Aura Sync v1.07.22 and earlier expose functionality to read/write data from/to IO ports. This could be leveraged in a number of ways to ultimately run code with elevated privileges. | ||||
| CVE-2018-18535 | 1 Asus | 2 Aura Sync, Aura Sync Firmware | 2024-11-21 | N/A |
| The Asusgio low-level driver in ASUS Aura Sync v1.07.22 and earlier exposes functionality to read and write Machine Specific Registers (MSRs). This could be leveraged to execute arbitrary ring-0 code. | ||||
Page 1 of 1.