Vulnerabilities > Asus
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-11-12 | CVE-2021-37910 | Improper Control of Interaction Frequency vulnerability in Asus products ASUS routers Wi-Fi protected access protocol (WPA2 and WPA3-SAE) has improper control of Interaction frequency vulnerability, an unauthenticated attacker can remotely disconnect other users' connections by sending specially crafted SAE authentication frames. | 5.3 |
| 2021-10-18 | CVE-2021-42055 | Incorrect Default Permissions vulnerability in Asus Ux582Lr Firmware 302 ASUSTek ZenBook Pro Due 15 UX582 laptop firmware through 203 has Insecure Permissions that allow attacks by a physically proximate attacker. | 6.8 |
| 2021-09-27 | CVE-2021-40981 | Uncontrolled Search Path Element vulnerability in Asus Armoury Crate Lite Service ASUS ROG Armoury Crate Lite before 4.2.10 allows local users to gain privileges by placing a Trojan horse file in the publicly writable %PROGRAMDATA%\ASUS\GamingCenterLib directory. | 7.3 |
| 2021-05-06 | CVE-2021-32030 | Improper Authentication vulnerability in Asus Gt-Ac2900 Firmware 3.0.0.4.386.41793 The administrator application on ASUS GT-AC2900 devices before 3.0.0.4.386.42643 allows authentication bypass when processing remote input from an unauthenticated user, leading to unauthorized access to the administrator interface. | 9.8 |
| 2021-04-12 | CVE-2021-3128 | Excessive Iteration vulnerability in Asus products In ASUS RT-AX3000, ZenWiFi AX (XT8), RT-AX88U, and other ASUS routers with firmware < 3.0.0.4.386.42095 or < 9.0.0.4.386.41994, when IPv6 is used, a routing loop can occur that generates excessive network traffic between an affected device and its upstream ISP's router. | 7.5 |
| 2021-04-08 | CVE-2021-28686 | Out-of-bounds Write vulnerability in Asus Gputweak II AsIO2_64.sys and AsIO2_32.sys in ASUS GPUTweak II before 2.3.0.3 allow low-privileged users to trigger a stack-based buffer overflow. | 5.5 |
| 2021-04-08 | CVE-2021-28685 | Unspecified vulnerability in Asus Gputweak II AsIO2_64.sys and AsIO2_32.sys in ASUS GPUTweak II before 2.3.0.3 allow low-privileged users to interact directly with physical memory (by calling one of several driver routines that map physical memory into the virtual address space of the calling process) and to interact with MSR registers. | 7.8 |
| 2021-04-06 | CVE-2021-28209 | Path Traversal vulnerability in Asus products The specific function in ASUS BMC’s firmware Web management page (Delete video file function) does not filter the specific parameter. | 4.9 |
| 2021-04-06 | CVE-2021-28208 | Path Traversal vulnerability in Asus products The specific function in ASUS BMC’s firmware Web management page (Get video file function) does not filter the specific parameter. | 4.9 |
| 2021-04-06 | CVE-2021-28207 | Path Traversal vulnerability in Asus products The specific function in ASUS BMC’s firmware Web management page (Get Help file function) does not filter the specific parameter. | 4.9 |