VYPR

Aura Sync

by Asus

CVEs (5)

  • CVE-2022-44898Dec 14, 2022
    risk 0.00cvss epss 0.00

    The MsIo64.sys component in Asus Aura Sync through v1.07.79 does not properly validate input to IOCTL 0x80102040, 0x80102044, 0x80102050, and 0x80102054, allowing attackers to trigger a memory corruption and cause a Denial of Service (DoS) or escalate privileges via crafted…

  • CVE-2019-17603Jun 2, 2020
    risk 0.00cvss epss 0.01

    Ene.sys in Asus Aura Sync through 1.07.71 does not properly validate input to IOCTL 0x80102044, 0x80102050, and 0x80102054, which allows local users to cause a denial of service (system crash) or gain privileges via IOCTL requests using crafted kernel addresses that trigger…

  • CVE-2018-18536Dec 26, 2018
    risk 0.00cvss epss 0.01

    The GLCKIo and Asusgio low-level drivers in ASUS Aura Sync v1.07.22 and earlier expose functionality to read/write data from/to IO ports. This could be leveraged in a number of ways to ultimately run code with elevated privileges.

  • CVE-2018-18537Dec 26, 2018
    risk 0.00cvss epss 0.01

    The GLCKIo low-level driver in ASUS Aura Sync v1.07.22 and earlier exposes a path to write an arbitrary DWORD to an arbitrary address.

  • CVE-2018-18535Dec 26, 2018
    risk 0.00cvss epss 0.01

    The Asusgio low-level driver in ASUS Aura Sync v1.07.22 and earlier exposes functionality to read and write Machine Specific Registers (MSRs). This could be leveraged to execute arbitrary ring-0 code.