Get our weekly newsletter It tries to load a file from a location any old user can write to
A flaw in ASUS's ROG Armoury Crate hardware management app could have allowed low-privileged users to execute code as administrator. The now-patched privilege escalation vulnerability was uncovered by "Federico" from Italian hacker collective APTortellini. Federico discovered the vuln after taking a close look at ROG Armoury Crate, finding a DLL hijacking vuln that allowed ordinary users to execute code with SYSTEM privileges after pasting a crafted file into a directory used by the app. The sof...