CVE-2019-25764
Vulnerability Description
**UNSUPPORTED WHEN ASSIGNED** Exposed IOCTL with Insufficient Access Control in the ASUS AURA SYNC driver allows a local user to bypass the driver's verification and invoke arbitrary IOCTLs, resulting in privilege escalation.
Refer to the 'End-of-Life Notice and Driver Update for Legacy ASUS Drivers ' section on the ASUS Security Advisory for more information.
Refer to the 'End-of-Life Notice and Driver Update for Legacy ASUS Drivers ' section on the ASUS Security Advisory for more information.
Vulnerability Details
Published Date
Last Modified
CWE ID
CWE-782
Source
NVD
Vendor
ASUS
Product
AURA SYNC
Discussion (0)
Add Comment
No comments yet. Be the first!