CVE-2024-33221

An issue in the component AsusBSItf.sys of ASUSTeK Computer Inc ASUS BIOS Flash Driver v3.2.12.0 allows attackers to escalate privileges and execute arbitrary code via sending crafted IOCTL requests.
Configurations

No configuration.

History

21 Nov 2024, 09:16

Type Values Removed Values Added
References () https://github.com/DriverHunter/Win-Driver-EXP/tree/main/CVE-2024-33221 - () https://github.com/DriverHunter/Win-Driver-EXP/tree/main/CVE-2024-33221 -

01 Aug 2024, 13:51

Type Values Removed Values Added
CVSS v2 : unknown
v3 : unknown
v2 : unknown
v3 : 7.8
Summary
  • (es) Un problema en el componente AsusBSItf.sys de ASUSTeK Computer Inc ASUS BIOS Flash Driver v3.2.12.0 permite a los atacantes escalar privilegios y ejecutar código arbitrario mediante el envío de solicitudes IOCTL manipuladas.
CWE CWE-782

22 May 2024, 15:15

Type Values Removed Values Added
New CVE

Information

Published : 2024-05-22 15:15

Updated : 2024-11-21 09:16


NVD link : CVE-2024-33221

Mitre link : CVE-2024-33221

CVE.ORG link : CVE-2024-33221


JSON object : View

Products Affected

No product.

CWE
CWE-782

Exposed IOCTL with Insufficient Access Control