ASUS SetupAsusServices v1.0.5.1 in Asus Armoury Crate v5.3.4.0 contains an unquoted service path vulnerability which allows local users to launch processes with elevated privileges.
References
Link | Resource |
---|---|
http://asus.com | Product |
http://setupasusservices.com | Product |
https://irradiate.com.au/blog/CVE-2023-26911 | Third Party Advisory |
Configurations
Configuration 1 (hide)
|
History
04 Aug 2023, 19:40
Type | Values Removed | Values Added |
---|---|---|
First Time |
Asus armoury Crate
Asus setupasusservices Asus |
|
References | (MISC) http://asus.com - Product | |
References | (MISC) http://setupasusservices.com - Product | |
References | (MISC) https://irradiate.com.au/blog/CVE-2023-26911 - Third Party Advisory | |
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 7.8 |
CWE | CWE-428 | |
CPE | cpe:2.3:a:asus:armoury_crate:*:*:*:*:*:*:*:* cpe:2.3:a:asus:setupasusservices:*:*:*:*:*:*:*:* |
26 Jul 2023, 14:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2023-07-26 14:15
Updated : 2024-02-28 20:33
NVD link : CVE-2023-26911
Mitre link : CVE-2023-26911
CVE.ORG link : CVE-2023-26911
JSON object : View
Products Affected
asus
- armoury_crate
- setupasusservices
CWE
CWE-428
Unquoted Search Path or Element