NA

CVE-2021-28685

Published: 08/04/2021 Updated: 08/04/2021

Vulnerability Summary

AsIO2_64.sys and AsIO2_32.sys in ASUS GPUTweak II prior to 2.3.0.3 allow low-privileged users to interact directly with physical memory (by calling one of several driver routines that map physical memory into the virtual address space of the calling process) and to interact with MSR registers. This could enable low-privileged users to achieve NT AUTHORITY\SYSTEM privileges via a DeviceIoControl.

Most Upvoted Vulmon Research Post

There is no Researcher post for this vulnerability
Would you like to share something about it? Sign up now to share your knowledge with the community.

Vulnerability Trend