ASUS EC Tool driver (aka d.sys) 1beb15c90dcf7a5234ed077833a0a3e900969b60be1d04fcebce0a9f8994bdbb, as signed by ASUS and shipped with multiple ASUS software products, contains multiple IOCTL handlers that provide raw read and write access to port I/O and MSRs via unprivileged IOCTL calls. Local users can gain privileges.
References
Link | Resource |
---|---|
https://github.com/mandiant/Vulnerability-Disclosures/blob/master/2023/MNDT-2023-0003.md | Third Party Advisory |
Configurations
History
24 Feb 2023, 16:01
Type | Values Removed | Values Added |
---|---|---|
CWE | NVD-CWE-noinfo | |
CPE | cpe:2.3:a:asus:armoury_crate:*:*:*:*:*:*:*:* | |
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 7.8 |
First Time |
Asus
Asus armoury Crate |
|
References | (MISC) https://github.com/mandiant/Vulnerability-Disclosures/blob/master/2023/MNDT-2023-0003.md - Third Party Advisory |
15 Feb 2023, 21:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2023-02-15 21:15
Updated : 2023-12-10 14:48
NVD link : CVE-2022-42455
Mitre link : CVE-2022-42455
CVE.ORG link : CVE-2022-42455
JSON object : View
Products Affected
asus
- armoury_crate
CWE