Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
asus aura sync vulnerabilities and exploits
(subscribe to this query)
7.8
CVSSv3
CVE-2022-44898
The MsIo64.sys component in Asus Aura Sync through v1.07.79 does not properly validate input to IOCTL 0x80102040, 0x80102044, 0x80102050, and 0x80102054, allowing malicious users to trigger a memory corruption and cause a Denial of Service (DoS) or escalate privileges via crafted...
Asus Aura Sync
7.8
CVSSv3
CVE-2019-17603
Ene.sys in Asus Aura Sync up to and including 1.07.71 does not properly validate input to IOCTL 0x80102044, 0x80102050, and 0x80102054, which allows local users to cause a denial of service (system crash) or gain privileges via IOCTL requests using crafted kernel addresses that t...
Asus Aura Sync
1 Github repository
7.8
CVSSv3
CVE-2018-18535
The Asusgio low-level driver in ASUS Aura Sync v1.07.22 and previous versions exposes functionality to read and write Machine Specific Registers (MSRs). This could be leveraged to execute arbitrary ring-0 code.
Asus Aura Sync Firmware 1.07.22
7.8
CVSSv3
CVE-2018-18536
The GLCKIo and Asusgio low-level drivers in ASUS Aura Sync v1.07.22 and previous versions expose functionality to read/write data from/to IO ports. This could be leveraged in a number of ways to ultimately run code with elevated privileges.
Asus Aura Sync Firmware 1.07.22
5.5
CVSSv3
CVE-2018-18537
The GLCKIo low-level driver in ASUS Aura Sync v1.07.22 and previous versions exposes a path to write an arbitrary DWORD to an arbitrary address.
Asus Aura Sync Firmware 1.07.22
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-29895
inject
CVE-2023-52689
CVE-2024-5049
CVE-2024-5051
privilege escalation
physical
CVE-2023-52676
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started