Home
HIGH: 8.4 CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:NDefault status
unaffected
Any version before v3.1.65.0
affected
Default status
unaffected
Any version before v1.1.40.0
affected
Default status
unaffected
Any version
affected
Description
Untrusted Pointer Dereference in ASUS System Control Interface v3, ASUS System Control Interface, and ASUS Business Manager allows a local administrator to perform arbitrary physical memory read and write operations via crafted IOCTL requests to the driver, bypassing OS-enforced memory protections. Refer to the ' Security Update for ASUS System Control Interface ' section on the ASUS Security Advisory for more information.
Problem types
CWE-822: Untrusted Pointer Dereference
Product status
Any version before v3.1.65.0
Any version before v1.1.40.0
Any version
References
www.asus.com/security-advisory