Vulnerabilities > Asus > Aura Sync
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-12-14 | CVE-2022-44898 | Out-of-bounds Write vulnerability in Asus Aura Sync 1.07.71/1.07.79 The MsIo64.sys component in Asus Aura Sync through v1.07.79 does not properly validate input to IOCTL 0x80102040, 0x80102044, 0x80102050, and 0x80102054, allowing attackers to trigger a memory corruption and cause a Denial of Service (DoS) or escalate privileges via crafted IOCTL requests. | 7.8 |
| 2020-06-02 | CVE-2019-17603 | Out-of-bounds Write vulnerability in Asus Aura Sync 1.07.71 Ene.sys in Asus Aura Sync through 1.07.71 does not properly validate input to IOCTL 0x80102044, 0x80102050, and 0x80102054, which allows local users to cause a denial of service (system crash) or gain privileges via IOCTL requests using crafted kernel addresses that trigger memory corruption. | 7.2 |
| 2018-12-26 | CVE-2018-18537 | Unspecified vulnerability in Asus Aura Sync Firmware 1.07.22 The GLCKIo low-level driver in ASUS Aura Sync v1.07.22 and earlier exposes a path to write an arbitrary DWORD to an arbitrary address. | 2.1 |
| 2018-12-26 | CVE-2018-18536 | Unspecified vulnerability in Asus Aura Sync Firmware 1.07.22 The GLCKIo and Asusgio low-level drivers in ASUS Aura Sync v1.07.22 and earlier expose functionality to read/write data from/to IO ports. | 7.2 |
| 2018-12-26 | CVE-2018-18535 | Unspecified vulnerability in Asus Aura Sync Firmware 1.07.22 The Asusgio low-level driver in ASUS Aura Sync v1.07.22 and earlier exposes functionality to read and write Machine Specific Registers (MSRs). | 7.2 |