CVE-2024-33218

An issue in the component AsUpIO64.sys of ASUSTeK Computer Inc ASUS USB 3.0 Boost Storage Driver 5.30.20.0 allows attackers to escalate privileges and execute arbitrary code via sending crafted IOCTL requests.
Configurations

No configuration.

History

21 Nov 2024, 09:16

Type Values Removed Values Added
References () https://github.com/DriverHunter/Win-Driver-EXP/tree/main/CVE-2024-33218 - () https://github.com/DriverHunter/Win-Driver-EXP/tree/main/CVE-2024-33218 -

01 Aug 2024, 13:51

Type Values Removed Values Added
CVSS v2 : unknown
v3 : unknown
v2 : unknown
v3 : 7.8
Summary
  • (es) Un problema en el componente AsUpIO64.sys de ASUSTeK Computer Inc ASUS USB 3.0 Boost Storage Driver 5.30.20.0 permite a los atacantes escalar privilegios y ejecutar código arbitrario mediante el envío de solicitudes IOCTL manipuladas.
CWE CWE-782

22 May 2024, 15:15

Type Values Removed Values Added
New CVE

Information

Published : 2024-05-22 15:15

Updated : 2024-11-21 09:16


NVD link : CVE-2024-33218

Mitre link : CVE-2024-33218

CVE.ORG link : CVE-2024-33218


JSON object : View

Products Affected

No product.

CWE
CWE-782

Exposed IOCTL with Insufficient Access Control