Description
**UNSUPPORTED WHEN ASSIGNED** Exposed IOCTL with Insufficient Access Control in the ASUS AURA SYNC driver allows a local user to bypass the driver's verification and invoke arbitrary IOCTLs, resulting in privilege escalation.
Refer to the 'End-of-Life Notice and Driver Update for Legacy ASUS Drivers ' section on the ASUS Security Advisory for more information.
Refer to the 'End-of-Life Notice and Driver Update for Legacy ASUS Drivers ' section on the ASUS Security Advisory for more information.
No analysis available yet.
Remediation
No remediation available yet.
Tracking
Sign in to view the affected projects.
Advisories
No advisories yet.
References
| Link | Providers |
|---|---|
| https://www.asus.com/security-advisory |
|
History
Fri, 17 Jul 2026 06:45:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | **UNSUPPORTED WHEN ASSIGNED** Exposed IOCTL with Insufficient Access Control in the ASUS AURA SYNC driver allows a local user to bypass the driver's verification and invoke arbitrary IOCTLs, resulting in privilege escalation. Refer to the 'End-of-Life Notice and Driver Update for Legacy ASUS Drivers ' section on the ASUS Security Advisory for more information. | |
| First Time appeared |
Asus
Asus aura Sync |
|
| Weaknesses | CWE-782 | |
| CPEs | cpe:2.3:a:asus:aura_sync:*:*:*:*:*:*:*:* | |
| Vendors & Products |
Asus
Asus aura Sync |
|
| References |
| |
| Metrics |
cvssV4_0
|
Status: PUBLISHED
Assigner: ASUS
Published:
Updated: 2026-07-17T06:00:10.806Z
Reserved: 2026-06-23T07:34:36.865Z
Link: CVE-2019-25764
No data.
No data.
No data.
OpenCVE Enrichment
Updated: 2026-07-17T08:00:06Z
Weaknesses
-
CWE-782
Exposed IOCTL with Insufficient Access Control