Unrated severityNVD Advisory· Published Jan 21, 2022· Updated Sep 16, 2024

ASUS VivoMini/Mini PC - improper input validation

CVE-2022-21933

Description

ASUS VivoMini/Mini PC device has an improper input validation vulnerability. A local attacker with system privilege can use system management interrupt (SMI) to modify memory, resulting in arbitrary code execution for controlling the system or disrupting service.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

Asus/VivoMini/Mini PCllm-create
ASUS/PA90v5
Range: unspecified
ASUS/PB50v5
Range: unspecified
ASUS/PB60v5
Range: unspecified
ASUS/PB60Gv5
Range: unspecified
ASUS/PB60Sv5
Range: unspecified
ASUS/PB60Vv5
Range: unspecified
ASUS/PB61Vv5
Range: unspecified
ASUS/PN30v5
Range: unspecified
ASUS/PN40v5
Range: unspecified
ASUS/PN60v5
Range: unspecified
ASUS/TS10v5
Range: unspecified
ASUS/UN65Uv5
Range: unspecified
ASUS/VC65-C1v5
Range: unspecified

Patches

Vulnerability mechanics

No source-code context for this CVE — mechanics is only generated when we can read the actual fix diff. Without that, the four sections (root cause, attack vector, affected code, fix) would be speculation rather than analysis.

References

www.twcert.org.tw/tw/cp-132-5547-34bc4-1.htmlmitrex_refsource_MISC

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000