Vulnerabilities (CVE)

Filtered by vendor Asus Subscribe
Filtered by product Aura Sync Firmware
Total 3 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2018-18537 1 Asus 2 Aura Sync, Aura Sync Firmware 2024-11-21 2.1 LOW 5.5 MEDIUM
The GLCKIo low-level driver in ASUS Aura Sync v1.07.22 and earlier exposes a path to write an arbitrary DWORD to an arbitrary address.
CVE-2018-18536 1 Asus 2 Aura Sync, Aura Sync Firmware 2024-11-21 7.2 HIGH 7.8 HIGH
The GLCKIo and Asusgio low-level drivers in ASUS Aura Sync v1.07.22 and earlier expose functionality to read/write data from/to IO ports. This could be leveraged in a number of ways to ultimately run code with elevated privileges.
CVE-2018-18535 1 Asus 2 Aura Sync, Aura Sync Firmware 2024-11-21 7.2 HIGH 7.8 HIGH
The Asusgio low-level driver in ASUS Aura Sync v1.07.22 and earlier exposes functionality to read and write Machine Specific Registers (MSRs). This could be leveraged to execute arbitrary ring-0 code.